Privacy and Data Protection – Information Technology

Overview

We focus our work for the IT industry on technology transactions, in addition to our usual comprehensive range of privacy and data protection services. We handle vendor contracts, mergers and acquisitions, and agreements involving the ownership, usage, transfer, and sharing of data, as well as a significant number of cloud computing deals for enterprise purchasers and cloud service providers. Our clients include: Web, software, and app developers; social game publishers; companies involved in the cloud, SaaS, platform usage, data analytics, network security solutions, advertising technologies and payment processing: and companies involved in Website, mobile app, and video game development.

Select Experience

  • Conducting due diligence and negotiating more than 150 cloud computing transactions on behalf of both cloud service providers and enterprise purchasers, including Software as Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
  • Developing contract programs for technology service providers, including their master services agreement as well as a framework for negotiating revisions with their customers.
  • Providing guidelines to clients in assessing cloud computing risks, including indemnification and limits of liability.
  • Developing and assessing Service Level Agreements (SLAs) in various settings, addressing issues such as business interruption and customer service.
More »

Experience

  • Conducting due diligence and negotiating more than 150 cloud computing transactions on behalf of both cloud service providers and enterprise purchasers, including Software as Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
  • Developing contract programs for technology service providers, including their master services agreement as well as a framework for negotiating revisions with their customers.
  • Providing guidelines to clients in assessing cloud computing risks, including indemnification and limits of liability.
  • Developing and assessing Service Level Agreements (SLAs) in various settings, addressing issues such as business interruption and customer service.
  • Facilitating the development and implementation of best practices to protect clients’ interests when purchasing and using cloud computing services.
  • Analyzing internal information governance requirements to mitigate cloud computing risks.
  • Developing internal and public-facing policies for responding to government access requests (pursuant to the Electronic Communication Privacy Act and other applicable laws) and addressing consumer privacy concerns in connection with the same.
  • Assessing and advising on international data transfers in the cloud and beyond under the European Data Protection Directive and other non-U.S. laws.
  • Advising technology service organizations on the development of predictive analytics technologies to provide fraud prevention and detection and digital marketing services consistent with applicable laws, FTC guidance, and best practices.
  • Advising traditional brick-and-mortar companies on the development of big data services in the business-to-consumer and business-to-business context based on the aggregation of consumer data.

Recognition

  • Chambers USA: Nationwide Privacy & Data Security (2013 to 2018)
    • Chambers USA Privacy and Data Security- Healthcare Spotlight Table (2018)
  • Recognized as one of the top law firms for client service, BakerHostetler was named to the 2019 BTI Client Service 30 for the fifth consecutive year.

Publications

Key Contacts

Blog

In The Blogs

Previous Next
Data Privacy Monitor
Deeper Dive: Choose the Right Forensics Firm for the Job
By William R. Daugherty, Eric A. Packel
April 17, 2019
Forensics are a key component of many data incident investigations. The importance of forensics cannot be overstated. In fact, in 2018, 65% of the incidents we handled involved some type of forensic investigation. Forensics firms can not...
Read More ->
Data Privacy Monitor
In BIPA's Wake, a Wave of New Biometric Privacy Proposals
By Robyn M. Feldstein, Melinda L. McLellan
April 15, 2019
Over the past year, a host of new national, state and local laws have been introduced to regulate the collection and use of biometric information. Although these proposals vary in their requirements, certain elements appear to be inspired...
Read More ->
Data Privacy Monitor
Deeper Dive: The Scourge of O365 Incidents
April 11, 2019
A Growing Menace 2018 saw a continuation of companies moving toward cloud-based email systems. Phishing incidents targeting those systems followed suit. Fully one-third of incidents addressed by our incident response team in 2018 involved...
Read More ->
Data Privacy Monitor
Bill to Expand CCPA Private Right of Action Moves Forward
April 11, 2019
We have previously written about California SB 561 here, introduced by Senator Jackson (D) and supported by the California Attorney General (AG), that among other things would vastly expand the CCPA’s private right of action and remove the...
Read More ->
Data Privacy Monitor
Deeper Dive: GDPR a Game-Changer for Data Breach Notification
By Laura E. Jehl, Andreas T. Kaltsounis
April 8, 2019
When the EU General Data Protection Regulation (GDPR) took effect on May 25, 2018, it dramatically changed the way multinationals manage the reporting of personal data breaches. It also substantially raised the stakes: Entities found to...
Read More ->