The use and protection of data continues to be an area of increasing complexity and regulation. Whatever business a company is in, it manages the personal information of its employees, and potentially the personal information of customers.

Companies of all types and sizes in the retail, manufacturing, health care, financial services and technology industries turn to Seyfarth Shaw’s Privacy & Data Security group to successfully and proactively navigate through an increasing maze of laws, regulations and enforcement actions relating to personal data. Indeed, protecting data of employees and customers has become a key function of every company’s compliance program, both to avoid risks and liabilities, and to maintain employee and customer confidence and trust.

 Our Privacy & Data Security attorneys assist our clients in analyzing their practices with respect to data collection and use, and in implementing state-of-the-art, cutting-edge compliance programs to preserve and protect personal information and training clients on proper practices. Being proactive and looking at an organization’s practices holistically helps our clients establish internal company policies and training programs designed to maintain the security of this vital information. Such steps help our clients avoid privacy glitches and security breaches and the costly litigation, fines, audits and loss of goodwill and/or trust that they can create. We monitor compliance with quickly changing and evolving privacy and security laws and regulations so that we can keep our clients abreast of developments. We have leveraged our expertise by creating a library of tools, such as questionnaires, policies, contracts/contractual provisions, notifications and other documents so that we avoid having to reinvent the wheel on each engagement. We counsel clients on domestic and international data compliance programs for employers and consumer-focused companies, and have experience in developing policies and procedures for clients doing business in the EU, Asia, Latin America and Canada, as well as, of course in the United States.

We recognize that the unauthorized disclosure or use of information is a fact of life, and needs to be responded to seriously and quickly. We employ our rapid response team to investigate such incidents and assess our client’s responsibilities under applicable laws and contracts. In the event of an actual or breach related to personal information, we advise our clients on how they can best communicate with law enforcement, consumers, regulators and consumer reporting agencies. When necessary, we defend actions brought by regulators (such as the Federal Trade Commission and State Attorneys General) or civil plaintiffs. We also have a great deal of experience in litigation involving privacy issues, such as obtaining information regarding anonymous/pseudonymous parties from Internet service providers, as well as building cases involving defamation, misappropriation, disparagement, and “spoofing” on websites, and litigate issues arising from computer and e-mail hacking.

Our attorneys have long been go-to resources for our clients. Examples of our leadership in the field include defending the first Internet privacy case brought before the Federal Trade Commission and the first computer security breach case brought by the New York Attorney General. With one of the country’s best-known and respected labor and employment practices, our multi-disciplinary and cross-practice teams have a breadth and depth of experience we can bring to bear to skillfully and efficiently assist our clients when privacy and data security issues arise in the workplace.