|
|
| Phone: (202) 342-8603 |
Fax: (202) 342-8451 |
| vCard: |
 |
| |
Alysa Hutnik is an associate in the firm’s Washington, D.C. office. Her practice includes representing clients in all forms of consumer protection matters, from counseling to defending regulator investigations and litigation. Her specific focus is on advertising, privacy, and data security law.
On these topics, Ms. Hutnik frequently conducts workshops and gives speeches, is often quoted in major business and law journals and articles, and has authored numerous advertising, privacy, and data security publications. She also was the chair of the American Bar Association (Section of Antitrust)’s Data Security Handbook, a practical guide for data security legal practitioners.
Prior to joining Kelley Drye, Ms. Hutnik was a federal clerk for the Honorable Joseph R. Goodwin, United States District Judge, Southern District of West Virginia. |
| |
Representative Experience:
Representing clients in advertising substantiation proceedings, investigations, and inquiries from the Federal Trade Commission (FTC); State Attorneys General; the National Advertising Division (NAD); the National Advertising Review Board (NARB); television networks; and federal and state courts and agencies.
Counseling clients regarding compliance with federal and state laws on privacy and data security, including the FTC Act, Gramm-Leach-Bliley Act, the GLB Safeguards Rule, FCRA, FACTA, HIPAA, and state privacy and information security laws. Her counseling includes advising companies on the necessary and recommended steps to take following the occurrence of an information security breach, how to design and implement a compliant privacy and information security program, and strategies for contracting with, and providing sufficient and practical oversight and monitoring of, vendors that will be handling personal information on the company’s behalf.
Training clients’ employees on privacy, data security, advertising and business practices that comply with federal and state consumer protection law, and drafting related marketing guidelines, privacy and data security policies, and employee training materials.
Performing privacy and data security audits of companies’ information practices, and assisting companies on identifying and implementing remediation efforts.
Assisting clients in developing and clearing advertising claims and evaluating competitors’ conduct for potential advertising challenges.
Representing clients in competitor challenges and consumer protection litigation in state and federal courts, primarily involving on- and off-line retailers, technology companies, telecommunications providers, and companies that support the financial services industry. |
| |
Honors and Awards:
Ranked in the 2008 and 2009 editions of Chambers USA as a leading privacy & data security attorney.
|
| |
Memberships and Associations:
American Bar Association
International Association of Privacy Professionals |
| |
Professional Activities:
Ms. Hutnik is Chair of the American Bar Association’s (ABA) Privacy and Information Security Committee (within the Section of Antitrust), the Chair of the ABA’s Data Security Handbook, and is an editor and contributor to the ABA’s newsletter, The Secure Times, which addresses privacy and data security legal developments. She also is an active member of the ABA’s Consumer Protection Committee, and regularly organizes teleconferences, brown bags, and other meetings for the ABA concerning developments in the law related to advertising, privacy and data security. |
| |
Publications:
"Health IT Law Addresses Interoperability, Privacy, Security And Deployment Of Electronic Health Records," Metropolitan Corporate Counsel, March 2009, with Meg Hardon.
"Early 2009 Shows Active FTC Data Security Enforcement; No Room For Lax Safeguards," Metropolitan Corporate Counsel, March 2009.
“New Massachusetts Data Security Requirements Go Into Effect in January 2009,” Cyberspace Lawyer, Nov. 2008, with David Rosen.
"New Connecticut Privacy Law Talks Big but Explains Little," Connecticut Lawyer, Oct. 2008, with Jennnifer Ngai.
Chair, Data Security Handbook, American Bar Association, March 2008.
"State Privacy and Data Protection Laws: Let's Recap," Privacy Tracker, Vol.1, No.1, March 2008.
"Federal Trade Commission holds Town Hall meeting on Behavioral Targeting," Privacy and Data Security Law Journal, Vol. 3, No.1, December 2007, with Reed Freeman.
"Federal Trade Commission and Banking Authorities Issues Identity Theft and 'Address Discrepancy' Rules," Privacy and Data Security Law Journal, Vol. 3, No. 1, December 2007, with Reed Freeman.
"Privacy and Data Security Update: How to Make Certain the Compliance Checklist Is Up-To-Date," Privacy and Data Security Law Journal, Vol. 2, No. 11, October 2007, with John Villafranco.
"Protect Yourself," PROMO Magazine, May 2007, with Gonzalo Mon.
“Blogging Do’s and Don’ts,” Internet Law & Strategy, February 2007, with John Villafranco.
"Corporate Blogging: What to Keep in Mind Before You Start Your Own," Computer & Internet, Andrews Litigation Reporter, Vol. 24, No. 14 (December 2006), with John Villafranco.
“New State Privacy Laws: Regulating the Use of Social Security Numbers and Requiring Wireless Security Warnings,” Privacy and Data Security Law Journal, Vol. 1, No. 8, December 2006, with Lew Rose.
“FTC Settles Privacy Case with Nations Title Agency,” Privacy and Data Security Law Journal, July 2006, with Jason K. Levine.
“House Judiciary Committee Passes Data Security Bill,” Privacy and Data Security Law Journal, July 2006, with Jason K. Levine.
“Case Closed: Learning from Ten Years of Federal Trade Commission Letters Closing Consumer Protection Cases,” ABA Consumer Protection Update, Summer 2006, with Lew Rose and John Villafranco.
“Identity Theft: What’s a Business to Do When a Consumer Calls to Complain about a Fraudulent Payment?,” Privacy and Data Security Law Journal, Vol. 1, No. 6 , May 2006.
“Product Placement and Brand Integration Strategies: Managing the Risks of Regulatory Uncertainty, ” ABA Consumer Protection Update, Spring 2006, with John Villafranco.
“New Privacy Laws Restricting Use of Social Security Numbers: Is Your Business Compliant?,” E-Commerce Law and Strategy Journal, February 2006, co-authored with Scott A. Sinder.
“State Data Breach Laws Are Much Alike, But Differ on Some Key Details,” BNA's Electronic Commerce and Law Report, Jan. 2006, with Julie O'Neill.
“Challenging a Competitor's Advertising Claims,” The Antitrust Source, May 2005, with John Villafranco.
|
| |
Client Advisories:
"Federal Trade Commission Continues to Explore Consumer Privacy Protection Measures," February 03, 2010.
"Insights From Kelley Drye's 2nd Annual Privacy Law Seminar," November 30, 2009.
"FTC Issues New Health Records Data Breach Notification Rules and Massachusetts Modifies Data Security Rules," August 27, 2009.
"Maine Enacts Comprehensive Legislation Regulating the Collection, Disclosure, and Use of Minors' Personal Information," July 30, 2009.
"Senate Subcommittee Holds Hearing on Advertising Trends and Consumer Protection," July 27, 2009.
"FTC Approves Final Consent Order on Mortgage Company's GLBA Violations," June 19, 2009.
"FTC and Department of Health and Human Services Settle with CVS over Allegations that the Company Failed to Protect the Privacy of Customer and Employee Personal Information," February 27, 2009.
"Massachusetts (Again) Revises the State's Data Security Regulation; Compliance with Entire Regulation Extended Until Jan. 2010," February 17, 2009.
"FTC Settles With Computer Company Over Data Breach Charges," February 09, 2009.
"FTC Files Data Security Complaint Against Mortgage Broker; Reminder Of Increased Regulatory Scrutiny Of Businesses’ Data Security Practices," January 23, 2009.
"Extension Provided for Compliance with New Massachusetts Data Security Regulation -- Tiered Compliance Dates Now in Effect," November 18, 2008.
"New FTC Data Breach Settlement Involving Individual Liability and Vendor Controls; NY Releases Data Security Business Guidance," November 07, 2008.
"Massachusetts Releases Business Guidance on Compliance with the State’s New Data Security Regulation," November 04, 2008.
"New Massachusetts Data Security Requirements Go Into Effect In January 2009," October 02, 2008.
"Sweeping Connecticut SSN Bill Signed Into Law," June 10, 2008.
"FTC Announces Review of Environmental Marketing Guidelines," December 12, 2007.
"FTC Issues Identity Theft and Address Discrepancy Rules," November 28, 2007.
"Federal Trade Commission Holds Town Hall Meeting on Behavioral Targeting," November 12, 2007.
"TCPA Does Not Preempt State Telemarketing Statutes," May 09, 2007.
"FTC's Workshop on Negative Option Marketing," February 02, 2007.
"Endorsements and Testimonials in Advertising: FTC Request for Comments," January 19, 2007.
"Novel Class Actions Seek Application of California Eavesdropping Law to Ordinary Course of Business Telephone Monitoring and Recording," November 10, 2006.
"New State Privacy Laws: Regulating the Use of Social Security Numbers and Requiring Wireless Security Warnings," October 10, 2006.
"House Judiciary Committee Passes Data Security Bill," May 30, 2006.
"FTC Settles Privacy Case With Nations Title Agency," May 16, 2006.
"House Energy and Commerce Committee Passes Data Security Bill," March 31, 2006.
"Congressmen Stearns and Barton Release Draft Data Security Legislation," July 05, 2005.
"FTC Settles Landmark Data Security Breach Case," June 21, 2005.
"Rules of the Road: Following Unsolicited Commercial Email (UCE) Requirements," January 01, 2005.
"Health Savings Accounts," March 01, 2004.
|
| |
Speaking Engagements:
Privacy Law Paradigm Shift: Policymakers Respond to Rapidly Evolving Technologies, Presented by Kelley Drye, Washington, D.C., November 17, 2009.
Privacy and the Law: Legal Insights on Data Privacy Trends and Breach Response, Bank Info Security Podcast, September 11, 2009.
Internet and Mobile Commerce Security-Legal and Technical Risks, and Recommended Solutions, Mobile Commerce Conference – The Midwest Chapter of the Federal Communications Bar Association, Chicago, September 24, 2008.
Practical Knowledge for the New Technology Landscape, Electronic Retailing Association Annual Conference, Las Vegas, September 21, 2008.
Data Security and Privacy: Keeping Your Compliance Checklist On-Track, Presented by Kelley Drye, Chicago, IL, July 16, 2008.
Determining the FTC's Seminal Ability to Pair Traditional Regulations with Emerging Internet, Mobile and Wireless Communications Technologies, ACI's 2nd Annual Regulatory Summit for Advertisers and Marketers, Washington, DC, June 17, 2008.
What You Need to Know About Privacy and Information Security 2008 National Compliance Summit Presented by October Research Corporation, Las Vegas, NV, February 20, 2008.
Data Security and Privacy: Keeping Your Compliance Checklist On-Track, Presented by Kelley Drye, Vienna, VA, October 30, 2007.
Federal Enforcement Issues - Shared Jurisdiction of the FCC and the FTC, COMPTEL Plus 2007 Convention & EXPO, Dallas, TX, October 10, 2007.
Avoiding Government Scrutiny When Marketing to Wireless Devices, ACI's 2nd National Advertisers' & Marketers' Regulatory Summit, San Francisco, CA, September 19, 2007.
Protecting Your Business, Small Business Webcast Presented by Wells Fargo Bank, May 1, 2007.
Privacy & Information Security Litigation: An Analysis of Government Enforcement and Private Litigation in 2005-07, and Trends for the Road Ahead, American Bar Association Section on Antitrust Law, Privacy and Information Security Committee General Session Program, Washington, DC, April 18, 2007.
Social Media Update: Legal Implications, Public Relations Society of America Teleseminar, March 13, 2007.
What You Need to Know About Privacy and Information Security, 2007 National Compliance Summit Presented by October Research Corporation, March 2, 2007.
Privacy and Data Security Update, Kelley Drye Continuing Legal Education Program, February 8, 2007.
December 2006 Privacy Update, Monthly Teleseminar Presented by ABA Privacy and Information Security and Corporate Counseling Committees, December 14, 2006.
Goldilocks and the Three Privacy Bears: Is There Too Much, Too Little or Just the Right Amount of Privacy Law? , Moderator, ABA Section of Antitrust Law Teleconference, October 25, 2006.
Privacy and Data Security in Technology Transfers, Complex IP Licensing, Law Seminars International Conference, McLean, VA, October 18, 2006.
Catching the Fox in the Electronic Henhouse: Preventing, Confronting, and Controlling Security Breaches and Identity Theft, ABA Section on Antitrust Law, Consumer Protection Committee General Session Program, Washington, DC, March 30, 2006.
Security Breaches and Data Protection Round Table Discussion, 27th Annual Promotion Marketing Association's Promotion Marketing Law Conference 2005, Chicago, IL, December 1, 2005. |
| |
Bar Admissions:
District of Columbia, 2002
Maryland, 2001
|
| |
Courts:
U.S. Court of Appeals – First, Fourth and Ninth Circuits |
| |
| Education:
University of Maryland School of Law, J.D., Order of the Coif, 2001
Maryland University Law Review, executive editor
Haverford College, B.A., 1998
|
| |
Office Location:
Washington Harbour, Suite 400
3050 K Street, NW
Washington, D.C. 20007-5108
|
| |
|
