Privacy and Security Governance and Compliance 

• Advising global leaders in chatbot and communication platforms and in data privacy management and governance solutions on proactive data and communication privacy considerations and compliance with US and global wiretapping laws.
• Counseling a global security-first IT solutions and services provider in managed services, cybersecurity, and cloud solutions with maturing and enhancing its privacy and security programs, including updating, aligning, and simplifying its contracting and privacy disclosures.
• Counseling professional sports and entertainment operators on maturing their privacy programs, including the use of facial recognition and biometrics within their facilities.
• Counseling a health care technology company operating at the intersection of health care plans, providers, and members on data privacy compliance in connection with the use of offshore resources.
• Counseling a global B2B data company on developing its product pipeline and on proactive compliance with the Federal Wiretap Act, the Stored Communications Act and state wiretap acts.
• Counseling a Big 4 advertising and public relations company in developing new tools to leverage health information to identify and generate audiences in order to improve advertising spend.
• Advising a leading S&P SmallCap 600 data connectivity company on enhancing and maturing its privacy program in response to changes in U.S. state privacy laws.
• Counseling a Fortune 250 consumer goods company on managing its privacy, data and security risk associated with vendors and affiliates, including establishing a privacy-by-design vendor tiering and data transfer program to permit international data transfers across multiple jurisdictions.
• Advising two Big 4 accounting firms on privacy and security considerations, including the movement of sensitive data subject to extensive restrictions, information security obligations and general privacy compliance.
• Advising a global systemically important bank on privacy compliance and operations under the GLBA, the CCPA, HIPAA and international privacy laws.
• Advising a leading online reseller on privacy and cybersecurity, including counseling on securities disclosures and testing and maturing the organization’s incident response plan and processes.
• Advising an independent, multifacility health care system on maturing and enhancing its privacy and security program, including its HIPAA Privacy, Security, and Breach Notification Rule compliance.
• Counseling a vertically integrated technology and financial institution on developing its privacy program, including preparing and aligning its GLBA and CCPA privacy statements.
• Advising a global online gaming company on its privacy disclosures and compliance with app store privacy rules.
• Advising technology companies offering conversational AI-enabled solutions and AI infrastructure on contracting and proactive data and communication privacy considerations and disclosures.

Artificial intelligence Governance and Compliance

• Advising a CRN Tech Elite 250 security-first, IT solutions and services provider on a program overhaul to develop, mature, and enhance its artificial intelligence assessment and governance program.
• Counseling a global leader in compensation technology and data on developing terms of use for its customer-facing generative AI suite.
• Counseling a data-driven HR and talent optimization platform in creating guidelines for development and integration of AI solutions into its existing product portfolio.
• Advising an enterprise-grade AI safety and security services platform developer on legal issues around white-labeled product integration into agentic AI platforms.
• Counseling a leading research accelerator on best practices for data collection to use in training and tuning advanced AI systems. 

Security Incidents and Cyber Risks

• Representing diverse companies in the financial services and health care sectors, including provider networks and multifacility healthcare systems in responding to security incidents involving potential unauthorized access to sensitive personal information.
• Representing a leading online reseller in responding to social engineering attacks against its employees.
• Representing a global systemically important bank in first-in-the-nation litigation at the intersection of the CCPA and GLBA, involving the alleged theft of financial information.
• Representing a Fortune 250 consumer goods company in investigating and responding to a ransomware attack at a vendor that impacts the development of a high-profile product.
• Representing a large, multi-office professional services firm in data handling and reporting obligations related to a security incident involving potential unauthorized access to sensitive client and firm files.
• Representing a leading health care data analytics organization in identifying potential security weaknesses and developing, enhancing and maturing its security program. 

Commercial Litigation

• Representing a Fortune 100 financial institution in complex, consolidated breach of contract litigation and advising on data handling obligations of the outside counsel team.
• Representing a Fortune Global 500 financial institution in complex litigation over corporate governance and allegations of financial fraud.
• Representing a leading national specialty retailer and a S&P 600 technology company in separate wiretapping lawsuits at the intersection of communication technologies, SaaS solutions, artificial intelligence, and privacy.
• Representing a Fortune 100 pharmaceutical company in mass torts litigation in e-discovery and cross-border data flows, including advising the organization on the transfer of sensitive health care data across borders and across multiple regulatory regimes, including the GDPR, PIPEDA, the Australian Privacy Act, and Israeli law.
• Representing a leading sports league in handling and producing sensitive player data in class action and mass tort litigation.
• Representing a leading children’s hospital in complex class-action litigation pending in multiple forums arising out of a large, declared data breach.

M&A and General Corporate Compliance

• Counseling leading global investment and private equity firms on evaluating the privacy and security concerns for potential investments and acquisitions.
• Counseling an S&P 500 enterprise software company on strategic issues connected with an acquisition arising out of changes to privacy laws and privacy offerings in the marketplace, including around changes to the adtech and martech ecosystems.
• Counseling a Fortune 250 consumer goods company on corporate and management fiduciary duties related to the organization and the structure of its security response program and compliance with best practices in conformity with U.S. securities laws.
• Advising healthtech startups and investors on the application of novel anonymization techniques, including differential privacy, to permit deidentified data analytics of sensitive health care data to improve medical research.
• Representing an independent, multifacility health care system in the acquisition and integration of a major enterprise software solution.
• Representing a global nonprofit advocacy and research organization in the transition of its research data network to a new provider and new contractual structure.
• Representing a national health care company in the potential divestment of a retail subsidiary.