Amanda Witt co-leads the Cybersecurity, Privacy and Data Governance Practice at Kilpatrick Townsend. She focuses her practice in the areas of information technology, U.S. and global privacy, IoT, information security, e-commerce, cross-border transactions, outsourcing, licensing and procurement, intellectual property protection and transactions, strategic alliances, commercial transactions, software development and licensing, cloud computing, mobile marketing, social media, digital media, entertainment/media, and electronic signatures.

Ms. Witt has worked with clients in the acquisition and licensing of technology as well as in the provision of services throughout the supply chain. She has assisted clients in various industries in the drafting and negotiation of various technology agreements, including traditional licensing, data use and licensing agreements, software development, hosting agreements, reseller agreements, website co-branding agreements, and website development agreements.

As part of her practice, Ms. Witt helps clients identify, understand and manage privacy and information security risks, including evaluating a client’s obligations under GDPR, GLBA, COPPA, CAN-SPAM, security breach notification laws, other U.S. state and federal privacy and data security requirements, and global data protection laws (including those in the EU, Canada and Latin America). Ms. Witt is also a Certified Information Privacy Professional (CIPP/US) and (CIPP/E), as certified by the International Association of Privacy Professionals (IAPP). She has been appointed to serve as a Co-Chair of the IAPP Atlanta KnowledgeNet chapter (2016 - 2017) and currently serves as a Board Member of the International Section of the Georgia Bar.

Along with having a master's degree in international intellectual property from a European university, her practice includes advising clients in connection with international software licensing, global privacy, foreign distributorships and foreign procurement of services. Ms. Witt currently teaches cyber and privacy law as an adjunct professor at Georgia State’s College of Law.

Prior to joining the firm, Ms. Witt was a partner in the Atlanta office of a national law firm. Ms. Witt’s prior experience included the representation of regulated entities in business process and information technology outsourcing transactions.

Ms. Witt was recognized in 2015 by Legal 500 US in the area of Technology/Outsourcing.

Para ver esta biografía en español, presione aquí.

Follow Ms. Witt on Twitter @AMWitt


Advised provider of class action settlement administrations, restructuring and bankruptcy matters, mass tort settlement programs, regulatory settlements, and data breach response programs on global privacy issues, including providing training on EU and Canadian privacy laws. We also worked with our client to revise its privacy notice for Canada.

Represented natural gas provider in connection with benefits outsourcing transaction involving the protection of sensitive employee and company information.

Counseled cloud-based security and interactive home services provider on compliance with privacy and data protection laws in Europe, Australia, Canada and Latin America.

Ongoing advice and representation of a global insurance conglomerate in connection with counseling on European data protection laws and preparation of global employee consents and data transfer agreement.

Negotiated privacy and security protections on behalf of a global insurance conglomerate in connection with a cloud-based HR solution for a global workforce. As part of negotiating the entire agreement for the client, review included examination of security controls (including security audits and certifications) and European data protection / privacy laws.

Ongoing advice and representation of global email marketing company on compliance with European data protection laws

Represented a metals manufacturer in connection with the negotiation of a multi-tower global information technology outsourcing transaction. In connection with such representation, ensured that adequate protections were in place to protect the privacy and security of client data including, without limitation, requiring the vendor to agree to EU model clauses in connection with the transfer of personal data from the European Union.

Revision of security and privacy provisions in a form of distribution agreement to be used globally by a global logistics provider.

Representation of telecommunications provider in connection with global strategic alliance with a global outsourcer in the development of next-generation technology solutions for enterprise businesses.

Negotiated privacy and security protections on behalf of a global insurance conglomerate, a global logistics company and a global manufacturer in connection with cloud-based CRM and HR solutions for global workforce and customer bases, including review and incorporation of safeguards and bases for data processing and transfer in Asia, Europe and Latin America.

Updated website privacy policy for paper goods manufacturer.

Advised global telecommunications company with respect to Mexican privacy / data protection laws in connection with acquisition of Mexican companies.

Counseling of global insurance provider on various Latin American and European privacy and data protection issues.

Represented natural gas provider in negotiation of agreement with third party marketer with a focus on ensuring compliance with applicable privacy laws and protection of customer data. Such representation included revisions to the client’s privacy policy to account for such third party services.

Assisted cloud-based security services provider in becoming Safe Harbor certified under the U.S. – E.U. Safe Harbor framework and U.S. – Switzerland Safe Harbor framework

Revision of security and privacy provisions in a form of distribution agreement to be used globally by the leading global logistics provider.

Represented a metals manufacturer in connection with a multi-tower global information technology outsourcing of its data center, network, helpdesk, contact centers and related information technology services with an aggregate net present value of approximately $6M.

Regular service as global advisory counsel on data storage, processing and transfer issues involving complex connected car and big data initiatives around the world for a large telecommunications, hosting and platform company. Representation including issues under Chinese, Russian, South Korean, Malaysian, Japanese, Thai and Hong Kong laws, as well as under many European and Latin American data protection laws and the laws of Australia, New Zealand and Canada.

Revision of privacy and security exhibit for various service and license agreements on behalf of paper goods manufacturer.


Catholic University, Leuven, Belgium, LL.M., Intellectual Property Law (2004) magna cum laude

Emory University School of Law, J.D. (2000) cum laude, William D. Ferguson Scholar

University of Florida, B.A. (1996) magna cum laude, Phi Beta Kappa


Georgia (2000)

Professional & Community Activities

The International Association of Privacy Professionals

State Bar of Georgia, Technology Law and International Law Section, Member

Latest Thinking

View more Insights
Insights Center