Cybersecurity, Privacy & Data GovernancePragmatic Global Data Solutions
Kilpatrick Townsend helps its clients protect their most important information in the most pragmatic, cost-effective, business-focused way possible. Our Cybersecurity, Privacy & Data Governance practice takes a comprehensive, multidisciplinary, and integrated approach to help clients:
To stay current on these ever-changing issues, visit and subscribe to our Global Privacy and Cybersecurity Law Blog.
Global Data Protection & Cybersecurity: Beyond Privacy & Breach
Cybersecurity threats are growing exponentially around the world, as are data protection and cybersecurity regulatory challenges. Today's incidents include controlling, damaging, and/or interrupting systems, as well as stealing, denying access to, or destroying strategic knowledge assets — the critical data vital to a company's survival and ability to compete and prosper. Data protection and cybersecurity regulatory challenges, such as the EU’s General Data Protection Regulation (GDPR) and New York ’s Cybersecurity Requirements for Financial Services, demand more in-depth understanding of operations, systems, and data flows than ever before. To help safeguard our clients’ information, operations, systems, secrets, intellectual property, brands, and compliance, we offer the full spectrum of cybersecurity, privacy, data protection, and data governance legal services across the U.S. and abroad. Our integrated team of multidisciplinary attorneys and technical staff uses its in-depth experience, legal acumen, technologies, and relationships with domestic and international regulators, law enforcement, data protection authorities, and policy groups to craft timely, cost-efficient, and practical solutions that balance our clients’ internal and external needs.
Justifying Trust In The Digital Economy
Innovative Data Governance: We serve as global privacy and cybersecurity counsel to many organizations, often on the cutting edge of innovation, working with our clients continuously to create and leverage disruptive technologies with new approaches to data governance.
Productive Narratives: In responding to incidents and helping to guide the development of programs, we help assure the effective narration of information issues with stakeholders, consumers, regulators, and the public.
Operational & Contractual Risk Management & Value Creation: Our team includes attorneys with particular depth in corporate operations and related strategy issues that enables effective participation in policy and program analysis, design, and implementation; attorneys with particular depth in creating and protecting rights in data; and the full range of technical experts and technology.
Long-Term Partnerships: We are passionate about client service and creating long-lasting partnerships with our clients, just as we help our clients create and maintain durable and expanding relationships with their customers, workforce, regulators, and the public.
Coordinated global response to a global data breach involving regulators in 57 non-U.S. jurisdictions.
Defended numerous companies across diverse industries in consumer class action cases, alleging violation of California’s privacy statutes. Employed individualized strategies to minimize client risk and achieve client objectives.
Secured a favorable ruling for electronic communications service provider, Dream Host, against the U.S. Department of Justice (DOJ) in a highly-publicized privacy court battle, which precluded the DOJ from obtaining information about individuals visiting and communicating with the political advocacy website DisruptJ20.
Led GDPR readiness initiatives for a global email marketing company, a global insurer, and a global leader in the Internet of Things.
More than 12 years developing, refining, and participating as an integral part in client incident response programs, avoiding consumer litigation in all cases.
Advised insurance companies, banks, and other financial institutions and service providers on New York Department of Financial Services cybersecurity regulations, including guidance on strategy, process, risk assessment, and program development.
Developed information governance strategies, contracts establishing data rights and privacy and cybersecurity rules, and notices and consents for companies entering the Internet of Things.
Developed and helped implement comprehensive overhauls of a wide range of policies governing corporate, customer, and third-party information, including privacy, e-communications, trade secrets, surveillance, retention, security, and defensible disposal programs for financial services information companies, consumer products manufacturers, retailers, health care companies, and business service organizations adopting big data strategies. Also led many privacy and information security compliance and auditing programs under these new programs.
Represented a multinational fabless semiconductor company, with Cambridge, UK headquarters and main products covering connectivity, audio, imaging, and location chips, about data breach situations and industrial espionage matters involving incursions from and in China and South Korea.
Negotiated privacy and security protections and established policies and programs for a global insurance conglomerate, a global logistics company, a global manufacturer, and global technology companies about cloud-based CRM, HR, and benefits solutions for global workforce and customer bases, including review and incorporation of safeguards and bases for data processing and transfer in Asia, Europe, and Latin America.
Jonathan A. Neiditz
Raymond O. Aghaian
Los Angeles, CA
Amanda M. Witt
Nancy L. Stagg
San Diego, CA