
Cybersecurity, Privacy & Data GovernancePragmatic Global Data Solutions Kilpatrick Townsend helps its clients protect their most important information in the most pragmatic, cost-effective, business-focused way possible. Our Cybersecurity, Privacy & Data Governance practice takes a comprehensive, multidisciplinary, and integrated approach to help clients: Comply with evermore complex privacy, data protection, and cybersecurity regulatory frameworks around the world Anticipate and manage the full range of information-related risks Optimize the value of information and appropriately monetize it Contain and respond quickly and effectively to incidents Prevent and control disputes and investigations Maximize recoveries and resilience To stay current on these ever-changing issues, visit and subscribe to our Global Privacy and Cybersecurity Law Blog. Reach Global Data Protection & Cybersecurity: Beyond Privacy & Breach Cybersecurity threats are growing exponentially around the world, as are data protection and cybersecurity regulatory challenges. Today's incidents include controlling, damaging, and/or interrupting systems, as well as stealing, denying access to, or destroying strategic knowledge assets — the critical data vital to a company's survival and ability to compete and prosper. Data protection and cybersecurity regulatory challenges, such as the EU’s General Data Protection Regulation (GDPR) and New York ’s Cybersecurity Requirements for Financial Services, demand more in-depth understanding of operations, systems, and data flows than ever before. To help safeguard our clients’ information, operations, systems, secrets, intellectual property, brands, and compliance, we offer the full spectrum of cybersecurity, privacy, data protection, and data governance legal services across the U.S. and abroad. Our integrated team of multidisciplinary attorneys and technical staff uses its in-depth experience, legal acumen, technologies, and relationships with domestic and international regulators, law enforcement, data protection authorities, and policy groups to craft timely, cost-efficient, and practical solutions that balance our clients’ internal and external needs. Differentiators Justifying Trust In The Digital Economy Innovative Data Governance: We serve as global privacy and cybersecurity counsel to many organizations, often on the cutting edge of innovation, working with our clients continuously to create and leverage disruptive technologies with new approaches to data governance. Productive Narratives: In responding to incidents and helping to guide the development of programs, we help assure the effective narration of information issues with stakeholders, consumers, regulators, and the public. Operational & Contractual Risk Management & Value Creation: Our team includes attorneys with particular depth in corporate operations and related strategy issues that enables effective participation in policy and program analysis, design, and implementation; attorneys with particular depth in creating and protecting rights in data; and the full range of technical experts and technology. Long-Term Partnerships: We are passionate about client service and creating long-lasting partnerships with our clients, just as we help our clients create and maintain durable and expanding relationships with their customers, workforce, regulators, and the public. Focus Areas Risk Assessments, Strategies, Program Development, Governance & Compliance Incident Preparedness & Response U.S. & Global Privacy Data & System Mapping Compliance Assessments GDPR, Cross-Border Data Transfer & Data Localization Trade Secrets & Corporate Confidential Information Artificial Intelligence, Big Data, Machine Learning & Deep Learning Blockchain, Fintech & Smart Contracts Internet of Things Advertising Privacy Health & Financial Privacy/Cybersecurity Litigation & Investigations Employment Board Preparedness Mergers & Acquisitions Experience Coordinated global response to a global data breach involving regulators in 57 non-U.S. jurisdictions. Defended numerous companies across diverse industries in consumer class action cases, alleging violation of California’s privacy statutes. Employed individualized strategies to minimize client risk and achieve client objectives. Secured a favorable ruling for electronic communications service provider, Dream Host, against the U.S. Department of Justice (DOJ) in a highly-publicized privacy court battle, which precluded the DOJ from obtaining information about individuals visiting and communicating with the political advocacy website DisruptJ20. Led GDPR readiness initiatives for a global email marketing company, a global insurer, and a global leader in the Internet of Things. More than 12 years developing, refining, and participating as an integral part in client incident response programs, avoiding consumer litigation in all cases. Advised insurance companies, banks, and other financial institutions and service providers on New York Department of Financial Services cybersecurity regulations, including guidance on strategy, process, risk assessment, and program development. Developed information governance strategies, contracts establishing data rights and privacy and cybersecurity rules, and notices and consents for companies entering the Internet of Things. Developed and helped implement comprehensive overhauls of a wide range of policies governing corporate, customer, and third-party information, including privacy, e-communications, trade secrets, surveillance, retention, security, and defensible disposal programs for financial services information companies, consumer products manufacturers, retailers, health care companies, and business service organizations adopting big data strategies. Also led many privacy and information security compliance and auditing programs under these new programs. Represented a multinational fabless semiconductor company, with Cambridge, UK headquarters and main products covering connectivity, audio, imaging, and location chips, about data breach situations and industrial espionage matters involving incursions from and in China and South Korea. Negotiated privacy and security protections and established policies and programs for a global insurance conglomerate, a global logistics company, a global manufacturer, and global technology companies about cloud-based CRM, HR, and benefits solutions for global workforce and customer bases, including review and incorporation of safeguards and bases for data processing and transfer in Asia, Europe, and Latin America. Primary Contacts Jonathan A. Neiditz Partner Atlanta, GA t 404.815.6004 jneiditz@kilpatricktownsend.com Raymond O. Aghaian Partner Los Angeles, CA t 310.310.7010 raghaian@kilpatricktownsend.com Amanda M. Witt Partner Atlanta, GA t 404.815.6008 awitt@kilpatricktownsend.com Nancy L. Stagg Partner San Diego, CA t 858.350.6156 nstagg@kilpatricktownsend.com

Cybersecurity, Privacy & Data GovernancePragmatic Global Data Solutions

Kilpatrick Townsend helps its clients protect their most important information in the most pragmatic, cost-effective, business-focused way possible. Our Cybersecurity, Privacy & Data Governance practice takes a comprehensive, multidisciplinary, and integrated approach to help clients:

Comply with evermore complex privacy, data protection, and cybersecurity regulatory frameworks around the world
Anticipate and manage the full range of information-related risks
Optimize the value of information and appropriately monetize it
Contain and respond quickly and effectively to incidents
Prevent and control disputes and investigations
Maximize recoveries and resilience

To stay current on these ever-changing issues, visit and subscribe to our Global Privacy and Cybersecurity Law Blog.

Reach

Global Data Protection & Cybersecurity: Beyond Privacy & Breach

Cybersecurity threats are growing exponentially around the world, as are data protection and cybersecurity regulatory challenges. Today's incidents include controlling, damaging, and/or interrupting systems, as well as stealing, denying access to, or destroying strategic knowledge assets — the critical data vital to a company's survival and ability to compete and prosper. Data protection and cybersecurity regulatory challenges, such as the EU’s General Data Protection Regulation (GDPR) and New York ’s Cybersecurity Requirements for Financial Services, demand more in-depth understanding of operations, systems, and data flows than ever before. To help safeguard our clients’ information, operations, systems, secrets, intellectual property, brands, and compliance, we offer the full spectrum of cybersecurity, privacy, data protection, and data governance legal services across the U.S. and abroad. Our integrated team of multidisciplinary attorneys and technical staff uses its in-depth experience, legal acumen, technologies, and relationships with domestic and international regulators, law enforcement, data protection authorities, and policy groups to craft timely, cost-efficient, and practical solutions that balance our clients’ internal and external needs.

Differentiators

Justifying Trust In The Digital Economy

Innovative Data Governance: We serve as global privacy and cybersecurity counsel to many organizations, often on the cutting edge of innovation, working with our clients continuously to create and leverage disruptive technologies with new approaches to data governance.

Productive Narratives: In responding to incidents and helping to guide the development of programs, we help assure the effective narration of information issues with stakeholders, consumers, regulators, and the public.

Operational & Contractual Risk Management & Value Creation: Our team includes attorneys with particular depth in corporate operations and related strategy issues that enables effective participation in policy and program analysis, design, and implementation; attorneys with particular depth in creating and protecting rights in data; and the full range of technical experts and technology.

Long-Term Partnerships: We are passionate about client service and creating long-lasting partnerships with our clients, just as we help our clients create and maintain durable and expanding relationships with their customers, workforce, regulators, and the public.

Focus Areas

Risk Assessments, Strategies, Program Development, Governance & Compliance
Incident Preparedness & Response
U.S. & Global Privacy
Data & System Mapping
Compliance Assessments
GDPR, Cross-Border Data Transfer & Data Localization
Trade Secrets & Corporate Confidential Information
Artificial Intelligence, Big Data, Machine Learning & Deep Learning
Blockchain, Fintech & Smart Contracts
Internet of Things
Advertising Privacy
Health & Financial Privacy/Cybersecurity
Litigation & Investigations
Employment
Board Preparedness
Mergers & Acquisitions

Experience

Coordinated global response to a global data breach involving regulators in 57 non-U.S. jurisdictions.

Defended numerous companies across diverse industries in consumer class action cases, alleging violation of California’s privacy statutes. Employed individualized strategies to minimize client risk and achieve client objectives.

Secured a favorable ruling for electronic communications service provider, Dream Host, against the U.S. Department of Justice (DOJ) in a highly-publicized privacy court battle, which precluded the DOJ from obtaining information about individuals visiting and communicating with the political advocacy website DisruptJ20.

Led GDPR readiness initiatives for a global email marketing company, a global insurer, and a global leader in the Internet of Things.

More than 12 years developing, refining, and participating as an integral part in client incident response programs, avoiding consumer litigation in all cases.

Advised insurance companies, banks, and other financial institutions and service providers on New York Department of Financial Services cybersecurity regulations, including guidance on strategy, process, risk assessment, and program development.

Developed information governance strategies, contracts establishing data rights and privacy and cybersecurity rules, and notices and consents for companies entering the Internet of Things.

Developed and helped implement comprehensive overhauls of a wide range of policies governing corporate, customer, and third-party information, including privacy, e-communications, trade secrets, surveillance, retention, security, and defensible disposal programs for financial services information companies, consumer products manufacturers, retailers, health care companies, and business service organizations adopting big data strategies. Also led many privacy and information security compliance and auditing programs under these new programs.

Represented a multinational fabless semiconductor company, with Cambridge, UK headquarters and main products covering connectivity, audio, imaging, and location chips, about data breach situations and industrial espionage matters involving incursions from and in China and South Korea.

Negotiated privacy and security protections and established policies and programs for a global insurance conglomerate, a global logistics company, a global manufacturer, and global technology companies about cloud-based CRM, HR, and benefits solutions for global workforce and customer bases, including review and incorporation of safeguards and bases for data processing and transfer in Asia, Europe, and Latin America.