Kelley Drye’s Privacy and Information Security Practice Group is a leader in advising clients on privacy and information security issues and has been at the forefront of developments in this growing area of the law. Our attorneys regularly counsel clients regarding all aspects of privacy and data security compliance, including:
- The Federal Trade Commission Act, including its application to online privacy, online advertising and marketing, and information security practices;
- State privacy and information security laws, including the variations of the breach notification and safeguard requirements among the states;
- The Gramm-Leach-Bliley Act;
- The Fair Credit Reporting Act and the Fair and Accurate Credit Transactions Act;
- The Health Insurance Portability and Accountability Act;
- The Children’s Online Privacy Protection Act; and
- The EU Data Protection Directive, as well as EU members’ state laws and the Safe Harbor Act negotiated between the US and the EU.
We have worked on numerous government investigations on behalf of a range of clients and have negotiated assurances of voluntary compliance with individual states, as well as with multi-state groups. We also have negotiated favorable settlements on behalf of clients in privacy and information security investigations by the Federal Trade Commission (FTC).
Our clients come from a diverse range of industries, and are comprised of financial services companies, telecommunications companies, online and offline retailers, social networking Web sites, companies that offer Web sites directed towards children, companies that offer Web sites directed towards commercial and general audiences, application service providers, multinational computer hardware and software manufacturers and offline list brokers, among others.
Examples of our representative experience include:
- Representing clients in investigations and inquiries from the FTC, state attorneys general, and federal and state courts and agencies regarding their privacy and/or information security business practices.
- Representing clients in meetings with privacy advocates in the initial stages of a new marketing campaign rollout to address use of consumers’ information, particularly with regard to online behavior.
- Counseling clients on how to ensure their business practices comply with privacy and data security laws, as well as with federal and state banking and consumer financial services laws and regulations.
- Assisting clients with drafting, reviewing, revising, and interpreting their privacy and data security policies and developing comprehensive privacy and information security programs.
- Counseling clients on how they may lawfully use consumers' personal information in marketing, including how to obtain effective consent for email marketing, text messaging, and online behavioral marketing.
- Performing privacy and/or data security audits of existing business practices, involving an assessment of client compliance with current policies and a review of how clients receive and share personal information with affiliates and third parties to ensure that such information sharing complies with applicable laws and business policies.
- Drafting agreements with third parties regarding their obligations in connection with handling clients’ customer data.
- Developing policies and procedures to ensure that clients are prepared to meet their legal obligations, as well as manage their public relations, in the event of a data breach.
- Training clients' employees on privacy, data security, advertising, and business practices that comply with federal and state consumer protection laws.
The group also works closely with other practices throughout the firm, including the Advertising Law, Litigation, Corporate, and Government Relations and Public Policy Practice Groups to stay abreast of new privacy and information security developments and to help clients interpret and shape governing privacy and data security laws, enabling them to achieve and maintain market leadership.
Back to: Advertising Law
|
