In today's digital world, where data has become a key asset for conducting business, companies continue to face greater privacy and cybersecurity risks.
Our Privacy & Cybersecurity team helps clients navigate the rapidly evolving, increasingly complex privacy and security law landscape in the United States, the EU, and around the world. Our cross-disciplinary practice draws on the extensive knowledge and experience of lawyers in our Employment, Employee Benefits, Insurance, Bankruptcy, Intellectual Property, and Litigation practices. Our targeted counsel is relevant to companies across diverse industries, such as health care, retail, professional services, communications, financial services, advertising, and entertainment.
Our deep knowledge, combined with our transactional experience, provides our clients with exceptionally effective counsel. Our team is equally well versed in FTC regulations and investigations, data breach preparation, response and remediation, and the defense of class action litigation resulting from information security and privacy law violations.
Today, U.S. companies must carefully consider privacy and data security laws when conducting business with entities and individuals located in foreign jurisdictions. We routinely counsel clients on their responsibilities when their business operations extend beyond U.S. borders, including compliance with the EU's new General Data Protection Regulation (GDPR), which became effective in May 2018.
The Hedge Fund Law Report conducts an in-depth interview with Peter D. Greene regarding the GDPR’s impact on private funds’ use of alternative data. Issues addressed include how the GDPR might affect how funds buy and use alternative data; how the GDPR may impact funds’ internal generation or gathering of alternative data; funds’ due diligence in data vendor selection; and immediate steps funds can take to ensure GDPR compliance.
The Buffalo Law Journal notes Lowenstein Sandler as counsel to a company discussing its General Data Protection Regulation (GDPR) compliance efforts. The article quotes Mary J. Hildebrand, who notes many companies’ confusion as to whether and why GDPR applies to them. Hildebrand explains that GDPR has expanded the definition of personal data, that it applies depending on where data is processed (not just on where it “sits”), and that GDPR compliance obligations will involve careful judgment calls.
In a three-part article, The Hedge Fund Law Report quotes Peter D. Greene and Benjamin Kozinn regarding fund managers’ collection (often through vendors) and use of big data, liability risks associated with acquisition and use of material nonpublic information, and data privacy issues surrounding access to and use of personally identifiable information.
Mary J. Hildebrand comments in Law360 on the risks created by an expanded definition of personal data under the General Data Protection Regulation (GDPR).