Privacy & Cybersecurity

Overview

Privacy and cybersecurity laws and regulations have become the cornerstone of the digital revolution, setting the standards of data protection and creating a compliance landscape that is complex and ever-changing.

Our clients come to us because we have decades of experience guiding companies in their privacy and cybersecurity compliance efforts as they develop and grow. We are successful and sought-after because our Privacy & Cybersecurity team recognizes that, while the laws in this area are complex and can be burdensome, privacy and cybersecurity compliance should enable and support business goals, rather than impede them.

Our knowledge of privacy and cybersecurity laws is extensive, but we support our clients with a business-minded approach. We help them strategize how to manage their regulatory obligations in a way that minimizes the impact on their business operations. The practical, operational guidance that we provide is often the reason clients choose us.

Capabilities

With decades of experience across markets and jurisdictions, we have honed our capabilities to focus on the areas of greatest need for our clients. These areas include, but are not limited to:

Privacy Program Advice
  • We advise clients on compliance with privacy and cybersecurity laws, develop privacy policies and statements, assess current practices, identify areas for improvement and risk mitigation, provide reasonable solutions, and help them create compliant processes and documentation that work for their business.
Contracts and Third-Party Due Diligence
  • We draft and negotiate privacy contractual provisions, including complex contractual provisions for cross-border data transfers.
  • We develop third-party due diligence programs and help our clients vet vendors and contractors to ensure that they and their data are protected.
Solving Privacy-Related Legal Issues
  • We advise our clients on developing compliance programs for new laws and how to leverage their current privacy practices to meet the new requirements.
  • We assist with responding to consumer complaints and requests.
  • We assist clients in responding to regulator inquiries related to privacy and cybersecurity legal compliance issues.
Identifying How Data Is Used
  • We help our clients map data flows across systems, entities, and third parties and we help them identify technologies and tools that can help.
Responding to Breaches and Security Incidents
  • We draft breach response policies and procedures and conduct tabletop exercises to support breach readiness.
  • We respond to breaches, from the first moments of an incident all the way through notification to affected consumers, regulators, and business partners. We help our clients to respond to regulator inquiries in the wake of a breach.
Representing Clients in Government Investigations
  • We represent clients before federal and state agencies on privacy and cybersecurity matters, including government investigations involving data breaches and compliance with privacy laws.

 

CROSS-FUNCTIONAL TEAMS

Because we work across markets, we work closely with other practices and industry teams across AGG to provide seamless support to our clients. Please refer to the key AGG Related Services and Related Industries our team interacts with daily and who help us to provide the kinds of broad data, security, technology, and governance-related services that our clients need.

Experience

Our team works across industries, including, but not limited to, healthcare and life sciences, background screening, e-commerce, financial services, fintech, technology, private equity, and entertainment. Because we have a finger on the pulse of these industries, we are able to benchmark our knowledge of relevant market compliance activities and steer clients towards industry standard approaches to managing legal and compliance risk.

 

While we are based in the U.S., many of our clients have an international footprint. We work across U.S. and international jurisdictions, including significant experience in the EU, and we work closely with local counsel in most countries where our clients do business.