Digital Assets and Data Management

Overview

“Noted for its strength in litigation and defending regulatory investigations, and sought after for its wide-ranging compliance advice. Maintains a strong reputation for its standout breach response practice.”

– Chambers USA 2019

Data is king – partnerships are gold.

BakerHostetler formed the Digital Assets and Data Management Practice Group (DADM Group) to mirror how our clients do business. Leveraging data and technology is a priority for most entities. We have united key service offerings and technologists to address all the risks associated with an entity’s digital assets. Our clients are collecting data and then utilizing advanced technology to transform their products and services. Doing this creates enterprise risk. Our new practice group works with our clients through the life cycle of data – privacy, security, marketing and advertising, transactions, and emerging technology – within an organization.

Our experience and approach enable effective global digital risk management (and are our competitive differentiators). Our attorneys are on-site at client locations hundreds of days a year doing the small and large things necessary to meet our clients’ needs and help them accomplish their goals: conducting training, doing claims audit and substantiation, leading proactive security and risk assessments, working through security and compliance incidents, advising executive leadership teams and boards, preparing witnesses for depositions and regulatory investigations, and providing advice on new initiatives and transactions.

More »

We serve some of the largest names in retail, healthcare, hospitality, education and financial services. We also work on small and midsized matters, and these are often the matters that expose us to new trends and risks. Our technologists analyze key data from our matters to help us identify trends, develop insights and build custom tools to enable digital transformation efforts. The depth and breadth of our group’s experience are unmatched and position us to advise clients on all aspects of managing data and digital assets.

The DADM Group was built from the successes of our highly regarded Data Privacy and Advertising teams, which are ranked by Chambers, Chambers Global and Legal 500. Our lawyers have also been recognized by Law360, Financial Times Innovative Lawyers and American Lawyer for being trailblazers in this space. Indeed, our annual Data Security Incident Response Report is a go-to resource, and the compromise intelligence gained from the work associated with the Report enables us to inform our clients so they can make healthy risk-based decisions affecting various segments of their operations. Additionally, the firm’s recently formed innovative R&D team, IncuBaker, is included in this group to help lawyers and clients navigate the intersection of digital business, emerging technology and law.

The areas of focus for the DADM Group are:

Digital Risk Advisory and Cybersecurity: Managing risk, developing strategies and implementing solutions across all service areas, as well as advising on responses to data security incidents of all kinds.

Advertising, Marketing and Digital Media: Navigating key issues such as data privacy, social media marketing, gaming, sales practices, claim substantiation and much more.

Privacy Governance and Technology Transactions: Operating at the intersection of innovation and information, and managing digital asset strategies with rigorous attention to contracts, policies, training and regulations such as the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation (GDPR).

Healthcare Privacy and Compliance: Ensuring compliance with state and federal regulations and laws, and leveraging emerging technology, managing data and structuring operations so that data can be handled in a way that is compliant with those regulations specific to healthcare.

Privacy and Digital Risk Class Action and Litigation: This team unites a group of attorneys who have deep subject matter experience and have defended more than 100 of these matters. The team has won several appeals and has defeated class certification multiple times.

Emerging Technology: A multifaceted approach to handling data analytics, the emerging use of artificial intelligence, the Internet of Things and blockchain technology, supported by tech-savvy attorneys and technologists and the firm’s new IncuBaker team.

Select Experience

  • The Advertising, Privacy Governance and Technology Transactions, Digital Risk and Cybersecurity teams provide seamless overall counseling to global consumer products and retailers, helping the companies navigate the supporting of advertising claims, evolving loyalty and subscription programs, and CCPA compliance. The coordination of such work has never been more important as companies grapple with how lawfully to collect, protect and use valuable consumer data.
  • We served as incident response and post-disclosure counsel for Marriott Hotels regarding the Starwood Hotels guest record security incident disclosed in 2018. We also are defending Marriott in multidistrict litigation against claims brought by individuals, banks and cities.
  • All six of our teams have supported a multinational grocer, including advised on CCPA compliance, conducting an advertising and digital media boot camp, providing counsel regarding e-commerce and cybersecurity and handling legal issues related to the response, notification and litigation arising from a payment card security incident.
  • We advised a large specialized research and treatment center on healthcare compliance, including the use of de-identified protected health information for research purposes.
More »

Professionals

Name Title Office Email
Associate New York
Partner Atlanta
Associate Denver
Counsel Denver
Associate Cincinnati
Counsel Cleveland
Counsel New York
Associate Costa Mesa
Associate New York
Partner New York
Partner Atlanta
Associate Houston
Associate Cleveland
Counsel Cincinnati
Partner Cleveland
Associate Cleveland
Partner Orlando
Associate New York
Partner Cleveland
Partner Los Angeles
Partner Denver
Partner Atlanta
Chief Information Officer
Chief Information Officer Cleveland
Counsel Atlanta
Partner Atlanta
Partner Houston
Associate Chicago
Associate Cincinnati
Counsel Atlanta
Associate Columbus
Counsel Washington, D.C.
Associate New York
Associate New York
Partner New York
Associate Washington, D.C.
Partner New York
Partner Atlanta
Partner Los Angeles
Associate Atlanta
Partner Cleveland
Partner New York
Associate Philadelphia
Associate Denver
Partner New York
Associate Houston
Associate Atlanta
Partner Chicago
Partner Cincinnati
Partner Columbus
Partner Cincinnati
Associate Chicago
Staff Attorney Columbus
Partner Cincinnati
Associate Atlanta
Partner Cleveland
Partner Atlanta
Associate Chicago
Partner Seattle
Partner Denver
Partner Washington, D.C.
Associate Seattle
Partner Cleveland
Partner New York
Partner Los Angeles
Associate New York
Partner Atlanta
Associate Seattle
Counsel Columbus
Associate Chicago
Director of Practice Services
Director of Practice Services Cincinnati
Associate Los Angeles
Associate Washington, D.C.
Associate Cleveland
Associate Los Angeles
Partner Columbus
Partner New York
Partner Cleveland
Partner Los Angeles
Partner Seattle
Partner Seattle
Partner Washington, D.C.
Partner Cleveland
Counsel Chicago
Associate Houston
Partner Philadelphia
Counsel Washington, D.C.
Associate Denver
Partner Philadelphia
Partner New York
Associate Seattle
Partner Cincinnati
Partner Cleveland
Associate New York
Associate New York
Associate Atlanta
Partner Philadelphia
Associate Costa Mesa
Partner Washington, D.C.
Partner Houston
Partner Washington, D.C.
Partner New York
Partner Philadelphia
Partner Cleveland
Partner Orlando
Partner Washington, D.C.
Partner Cleveland
Associate Denver
Associate Seattle
Associate Seattle
Partner Cincinnati
Associate Denver
Partner Chicago
Counsel Philadelphia
Partner Cleveland
Counsel Chicago
Associate Los Angeles
Partner Cleveland
Associate Atlanta
Associate Houston
Associate Atlanta
Partner Atlanta
Partner Houston
Partner Atlanta
Associate New York
Partner Washington, D.C.
Associate Los Angeles

Experience

  • The Advertising, Privacy Governance and Technology Transactions, Digital Risk and Cybersecurity teams provide seamless overall counseling to global consumer products and retailers, helping the companies navigate the supporting of advertising claims, evolving loyalty and subscription programs, and CCPA compliance. The coordination of such work has never been more important as companies grapple with how lawfully to collect, protect and use valuable consumer data.
  • We served as incident response and post-disclosure counsel for Marriott Hotels regarding the Starwood Hotels guest record security incident disclosed in 2018. We also are defending Marriott in multidistrict litigation against claims brought by individuals, banks and cities.
  • All six of our teams have supported a multinational grocer, including advised on CCPA compliance, conducting an advertising and digital media boot camp, providing counsel regarding e-commerce and cybersecurity and handling legal issues related to the response, notification and litigation arising from a payment card security incident.
  • We advised a large specialized research and treatment center on healthcare compliance, including the use of de-identified protected health information for research purposes.
  • Multiple DADM Group teams combined to provide services to a multi-brand restaurant company with thousands of locations. Our work included data security incident response; incident response training and tabletop exercises; extensive technology contract negotiations to support integration of new brands into the multi-brand concept; guidance regarding implementation of secure payment technology and mobile payment applications; and acquisition-related due diligence and security assessments.
  • We represent an alliance of multinational corporations in connection with a partnership with IBM Watson Health and other analytics providers. This partnership harnesses the power of IBM’s artificial intelligence capabilities and other provider services through the collection and analysis of health data to improve health outcomes for employees and to reduce healthcare costs for member companies.
  • Our Digital Risk Class Action and Litigation team defeated certification of a putative class action brought against a large regional discount retailer on behalf of banks that issued payment cards affected by the retailer’s 2015 data breach. The plaintiffs attempted to certify a class of about 2,500 banks, arguing that the retailer was negligent in its failure to maintain adequate cybersecurity, leading to damages including actual fraud losses, card reissuance costs and lost revenue from the potential compromise of more than 1 million payment cards. Through significant fact discovery, the team developed a solid factual record to oppose class certification.
  • We advised an international fast food chain regarding the use of a new blockchain tool to tokenize and distribute sensitive data, including an analysis of the technology against laws providing safe harbors for encryption in the event of a security incident.

Recognition

  • Chambers Global: Privacy & Data Protection (USA) (2014 to 2019)
  • Chambers USA: Nationwide Privacy & Data Security (2013 to 2019)
    • Chambers USA Privacy and Data Security - Healthcare Spotlight Table (2018 to 2019)
    • Chambers USA Award: “Privacy & Data Security Team of the Year” finalist (2015, 2017)
  • Chambers Fintech: Legal – USA (2018 to 2019)
  • The Legal 500 United States (2016 to 2019)
    • Media, Technology and Telecoms: Data Privacy and Data Protection, Tier 1
    • Media, Technology and Telecoms: Cyber Law, Tier 2
  • Law360: Privacy "Practice Group of the Year" (2013 to 2015, 2018)
  • Recognized as one of the top law firms for client service, BakerHostetler was named to the 2020 BTI Client Service 30 for the sixth consecutive year.

News

News

Press Releases

Publications

Alerts

Articles

Blog Posts

Key Contacts

Blog

In The Blogs

Previous Next
Data Privacy Monitor
California AG Press Release Clarifies CCPA's Jan. 1 Effective Date and Data Broker Registry, Provides No Update on Draft Regulations
By Kyle R. Fath
January 14, 2020
On Jan. 6, 2020, the California attorney general (AG) released a CCPA advisory press release outlining the new data privacy rights under the California Consumer Privacy Act (CCPA) afforded to California consumers and clearly stating that...
Read More ->
Data Privacy Monitor
Cybersecurity Remains a Top SEC Examination Priority in the New Decade
By Jonathan A. Forman
January 10, 2020
It may be a new decade, but the focus of the Securities and Exchange Commission (SEC) on cybersecurity has not shifted. In particular, the SEC noted in its 2020 Examination Priorities that the Office of Compliance Inspections and...
Read More ->
Blockchain Monitor
New Blockchain Patents, Crypto Mining Expands in US and Russia, French ICO Approved Under New Law, DOJ and INTERPOL Enforcement Actions
By Simone O. Otenaike, Joanna F. Wasick
January 10, 2020
In this issue: • Patents Granted to Blockchain Payments Firms, Crypto Mining Expands in Texas and Russia • First ICO Is Approved Under New French Law, New Crypto Bill Is Introduced in US • DOJ Prosecutes Crypto Dark Markets, INTERPOL...
Read More ->
Data Privacy Monitor
Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties
By Daniel A. Pepper
January 10, 2020
This blog is the first in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls such as assessing...
Read More ->
Data Privacy Monitor
Is the CCPA's Private Right of Action Provision Retroactive?
By Sean B. Solis
January 9, 2020
With the California Consumer Privacy Act (CCPA) – the strictest privacy law in the nation – now in effect, an important question for businesses to consider is whether it applies to conduct that occurred prior to the law’s effective date of...
Read More ->