Privacy and Data Protection – Information Technology

Overview

We focus our work for the IT industry on technology transactions, in addition to our usual comprehensive range of privacy and data protection services. We handle vendor contracts, mergers and acquisitions, and agreements involving the ownership, usage, transfer, and sharing of data, as well as a significant number of cloud computing deals for enterprise purchasers and cloud service providers. Our clients include: Web, software, and app developers; social game publishers; companies involved in the cloud, SaaS, platform usage, data analytics, network security solutions, advertising technologies and payment processing: and companies involved in Website, mobile app, and video game development.

Select Experience

  • Conducting due diligence and negotiating more than 150 cloud computing transactions on behalf of both cloud service providers and enterprise purchasers, including Software as Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
  • Developing contract programs for technology service providers, including their master services agreement as well as a framework for negotiating revisions with their customers.
  • Providing guidelines to clients in assessing cloud computing risks, including indemnification and limits of liability.
  • Developing and assessing Service Level Agreements (SLAs) in various settings, addressing issues such as business interruption and customer service.
More »

Experience

  • Conducting due diligence and negotiating more than 150 cloud computing transactions on behalf of both cloud service providers and enterprise purchasers, including Software as Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
  • Developing contract programs for technology service providers, including their master services agreement as well as a framework for negotiating revisions with their customers.
  • Providing guidelines to clients in assessing cloud computing risks, including indemnification and limits of liability.
  • Developing and assessing Service Level Agreements (SLAs) in various settings, addressing issues such as business interruption and customer service.
  • Facilitating the development and implementation of best practices to protect clients’ interests when purchasing and using cloud computing services.
  • Analyzing internal information governance requirements to mitigate cloud computing risks.
  • Developing internal and public-facing policies for responding to government access requests (pursuant to the Electronic Communication Privacy Act and other applicable laws) and addressing consumer privacy concerns in connection with the same.
  • Assessing and advising on international data transfers in the cloud and beyond under the European Data Protection Directive and other non-U.S. laws.
  • Advising technology service organizations on the development of predictive analytics technologies to provide fraud prevention and detection and digital marketing services consistent with applicable laws, FTC guidance, and best practices.
  • Advising traditional brick-and-mortar companies on the development of big data services in the business-to-consumer and business-to-business context based on the aggregation of consumer data.

Recognition

  • Chambers USA: Nationwide Privacy & Data Security (2013 to 2018)
    • Chambers USA Privacy and Data Security- Healthcare Spotlight Table (2018)
  • Recognized as one of the top law firms for client service, we were named to the 2018 BTI Client Service 30 for the fourth consecutive year.

Publications

Key Contacts

Blog

In The Blogs

Previous Next
Data Privacy Monitor
The Weekly Privacy Rewind
June 19, 2018
Class Actions Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action • A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County, Illinois, for violations...
Read More ->
Data Privacy Monitor
OCR Announces Intention to Move Forward With Development of Methodology to Distribute Enforcement Funds to Victims of HIPAA Violations
By Kathryn Carey, Lynn Sessions
June 15, 2018
The Office for Civil Rights (OCR) updated its agenda, outlining proposed and final rules as well as pre-rule document releases for 2018. A notable, and highly anticipated, advance notice of proposed rulemaking included on the agenda...
Read More ->
Data Privacy Monitor
11th Circuit Issues Opinion Vacating Order That Required LabMD to Overhaul Its Data Security Program
By Kathryn Carey, Aaron R. Lancaster
June 8, 2018
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and implement a...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
June 5, 2018
Canada Canadian Banks Notify 90,000 Following Breach • Bank of Montreal and Canadian Imperial Bank of Commerce announced that they were contacted by hackers and informed that nearly 90,000 customers’ personal information was accessed. •...
Read More ->
Data Privacy Monitor
New Jersey Attorney General's Office Ramping Up Data Privacy and Cybersecurity Enforcement Efforts
By Sara M. Goldstein
June 4, 2018
The Office of the New Jersey Attorney General (AG’s Office) recently announced that it will be creating a new civil enforcement unit, known as the Data Privacy & Cybersecurity Section (DPC Section), to investigate data breaches impacting...
Read More ->