Led by top practitioners in privacy, cybersecurity, financial services, fintech, intellectual property, criminal investigations and civil litigation, S&C’s Privacy Group has the depth and experience to advise companies on the full range of privacy issues that can arise in complex matters.
S&C works with global clients subject to wide-ranging privacy and data protection laws and regulations, which include the California Consumer Privacy Act (CCPA) and other comprehensive U.S. state privacy laws, the European Union General Data Protection Regulation (GDPR) and UK GDPR, the Illinois Biometric Information Privacy Act (BIPA), the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Children’s Online Privacy Protection Act (COPPA).
From startups to well-established companies, clients turn to S&C’s multi-disciplinary team to collaborate on privacy issues impacting their products and services; compliance with local, state, federal and international privacy laws and regulations; and privacy-focused investigations and litigation. We help clients incorporate privacy-by-design into their products, services, websites , mobile apps and back-end infrastructure and conduct data protection impact assessments that evaluate how they collect, use, disclose and dispose of personal information.
In transactions, we strategize closely with our clients to evaluate personal information at the outset of our engagement and develop creative solutions to avoid potential barriers that might limit the use of that information. We conduct privacy due diligence tailored to a company’s data collection practices, industry and geographic scope, revise and negotiate agreements and assist clients with post-closing transition services, including data integration or separation.
Areas of focus include:
- Advising clients on privacy and cybersecurity issues in mergers, acquisitions, joint ventures and other business combinations;
- Drafting and negotiating data sharing, processing and transfer agreements and assisting with third-party vendor management programs;
- Assisting clients with developing privacy compliance programs, including by drafting privacy notices, consent forms and data subject request policies and procedures;
- Advising on privacy considerations associated with processing personal data using artificial intelligence;
- Providing strategic counseling on data governance and privacy issues associated with new business opportunities, consumer marketing programs or the collection of sensitive categories of personal information, including biometric information;
- Developing cross-border data transfer strategies and assisting with compliance with international privacy laws and regulations;
- Advising on employee privacy issues including employee monitoring, geolocation tracking and the use of ephemeral communications;
- Assisting clients in responding to and evaluating the impact of federal, state and international privacy investigations and litigation; and
- Drafting and revising privacy-related disclosures in regulatory filings.
Recognized by:
- Global Data Review’s GDR 100 2022
- U.S. News & World Report 2022 for Privacy & Data Security Law
Subscribe to receive our Insights