Privacy and Information Security Counseling and Compliance
Privacy and Information Security Counseling and Compliance
As new technologies, the Internet and digital media shape—and reshape—the global marketplace for content distribution, marketing and consumer engagement, companies that collect, store and use consumer data must deal with a continually shifting legal and regulatory framework that often struggles to keep pace.  

The resulting patchwork of federal and state laws, regulations and guidance, as well as expanding industry-specific requirements and guidelines, creates a compliance headache that plagues even the most sophisticated companies.

Our Privacy and Information Security attorneys work on the leading edge of media, technology and business, helping clients understand and proactively address the consumer privacy, information security and compliance issues they face as they implement new technology and develop innovative tactics to leverage consumer data.

Our goal is to enable you to achieve your business goals and objectives, gaining and keeping your competitive edge, while minimizing the risk of collecting, keeping and using customer data.

Members of our team have a unique regulatory perspective developed from years of serving with the FTC’s Bureau of Consumer Protection, including as bureau director, assistant director and attorney advisor.  Our attorneys helped direct the implementation and enforcement of the Children’s Online Privacy Protection Act (COPPA) and the Gramm-Leach Bliley Act (GLBA), and targeted Internet privacy, identity theft and electronic commerce consumer protection issues during their time with the Bureau.

We counsel clients in all types of highly scrutinized industries, including consumer products and retail, hotel and leisure, and financial services, as well as telecommunications, broadband, technology and mobile services, with comprehensive privacy and information security regulatory issues.

We have particular strength at the intersection of privacy and advertising and marketing law, and we often perform comprehensive compliance reviews of marketing and consumer contact policies and practices, ranging from telemarketing compliance assessments, to privacy and data security-by-design gap analyses, helping you identify potential “red flags” that, when addressed, can mitigate your exposure of becoming a future regulatory or litigation target.  We advise on the use of consumers’ personal information, geo-location and device data, and Customer Proprietary Network Information (CPNI) in marketing and advertising, including obtaining effective consent for e-mail marketing, text messaging and online behavioral marketing, and on compliance obligations under the Federal Communications Commission’s CPNI regulations, the Telephone Consumer Protection Act (TCPA), the Federal Trade Commission’s Telemarketing Sales Rule and the CAN-SPAM Act, as well as state laws and regulations.

We help clients draft, review, revise and interpret their privacy policies and procedures, and develop appropriate, comprehensive enterprise-wide privacy and data security programs and conduct training for employees on privacy, data security, advertising and business practices.  We perform privacy or data security audits of existing business practices to assess client compliance with current policies, and help clients develop and update reasonable oversight and monitoring programs of third-party vendors handling consumer data, including vendor privacy due diligence templates, drafting and negotiating strategic contractual provisions, and formulating appropriate compliance checks and responses to issues that arise during the relationship.

 
 

Overview

As new technologies, the Internet and digital media shape—and reshape—the global marketplace for content distribution, marketing and consumer engagement, companies that collect, store and use consumer data must deal with a continually shifting legal and regulatory framework that often struggles to keep pace.  

The resulting patchwork of federal and state laws, regulations and guidance, as well as expanding industry-specific requirements and guidelines, creates a compliance headache that plagues even the most sophisticated companies.

Our Privacy and Information Security attorneys work on the leading edge of media, technology and business, helping clients understand and proactively address the consumer privacy, information security and compliance issues they face as they implement new technology and develop innovative tactics to leverage consumer data.

Our goal is to enable you to achieve your business goals and objectives, gaining and keeping your competitive edge, while minimizing the risk of collecting, keeping and using customer data.

Members of our team have a unique regulatory perspective developed from years of serving with the FTC’s Bureau of Consumer Protection, including as bureau director, assistant director and attorney advisor.  Our attorneys helped direct the implementation and enforcement of the Children’s Online Privacy Protection Act (COPPA) and the Gramm-Leach Bliley Act (GLBA), and targeted Internet privacy, identity theft and electronic commerce consumer protection issues during their time with the Bureau.

We counsel clients in all types of highly scrutinized industries, including consumer products and retail, hotel and leisure, and financial services, as well as telecommunications, broadband, technology and mobile services, with comprehensive privacy and information security regulatory issues.

We have particular strength at the intersection of privacy and advertising and marketing law, and we often perform comprehensive compliance reviews of marketing and consumer contact policies and practices, ranging from telemarketing compliance assessments, to privacy and data security-by-design gap analyses, helping you identify potential “red flags” that, when addressed, can mitigate your exposure of becoming a future regulatory or litigation target.  We advise on the use of consumers’ personal information, geo-location and device data, and Customer Proprietary Network Information (CPNI) in marketing and advertising, including obtaining effective consent for e-mail marketing, text messaging and online behavioral marketing, and on compliance obligations under the Federal Communications Commission’s CPNI regulations, the Telephone Consumer Protection Act (TCPA), the Federal Trade Commission’s Telemarketing Sales Rule and the CAN-SPAM Act, as well as state laws and regulations.

We help clients draft, review, revise and interpret their privacy policies and procedures, and develop appropriate, comprehensive enterprise-wide privacy and data security programs and conduct training for employees on privacy, data security, advertising and business practices.  We perform privacy or data security audits of existing business practices to assess client compliance with current policies, and help clients develop and update reasonable oversight and monitoring programs of third-party vendors handling consumer data, including vendor privacy due diligence templates, drafting and negotiating strategic contractual provisions, and formulating appropriate compliance checks and responses to issues that arise during the relationship.

Partner
Email (202) 342-8588(202) 342-8588
Dana Rosenfeld chairs the firm’s Privacy and Information Security practice.  A former assistant director of the Federal Trade Commission (FTC) Bureau of Consumer Protection and attorney...
Partner
Email (202) 342-8603(202) 342-8603
Alysa Hutnik delivers comprehensive expertise in all areas of privacy, data security and advertising law.  Her experience ranges from counseling to defending clients in FTC and state attorney...
Partner
Email (202) 342-8544(202) 342-8544
John Heitmann, chair of the Communications practice, counsels wireless, wireline and cable broadband and telephony service providers, and other entities, large and small, international and domesti...
Of Counsel
Email (202) 342-8646 (202) 342-8646
Jodie Bernstein is of counsel in the firm’s Washington, D.C. office. She is widely respected among consumer groups, industry organizations and the private bar as one the country’s leadi...
Senior Associate
Email (202) 342-8466(202) 342-8466
Spencer Elg is an attorney in the firm’s Washington, D.C., office. A former litigation attorney for the Federal Trade Commission, Mr. Elg focuses his practice on helping clients navigate con...
Associate
Email (212) 808-7678(212) 808-7678
Jameson Dempsey counsels wireless, wireline, cable and advanced communications service providers on federal and state privacy, information security, and communications issues.  He draws on a ...
Associate
Email (202) 342-8534(202) 342-8534
Ilunga Kalala is an associate in the firm’s Washington, D.C. office. His practice focuses on advertising and marketing, privacy and information security, and other consumer protection law ma...
Associate
Email (202) 342-8635(202) 342-8635
Ross Slutsky is an associate in the firm’s Washington, D.C. office. His practice focuses on communications, technology policy, privacy, data security, and emerging technology matters. Throug...
Associate
Email (202) 342-8557(202) 342-8557
Katie Townley is an associate in the firm’s Washington, D.C. office. Her practice focuses on advertising and marketing, privacy and information security, product safety, and other consumer p...
Associate
Email (202) 342-8459 (202) 342-8459
Jenny Wainwright is an associate in the firm’s Washington, D.C. office.  Her practice focuses on federal and state regulatory and transactional matters involving communications service ...