Privacy, Data Protection & Data Security

ArentFox Schiff is a one-stop shop for privacy and data security compliance, investigations, and breach response. Our team handles the full scope of issues, from investigations, to compliance with CCPA/CPRA and other state privacy laws, the FTC Act and sector-specific privacy laws addressing privacy for children, financial data, and health data, and the GDPR and international compliance. We regularly represent clients in data breach response and notification, in high-stakes regulatory investigations, and in privacy litigation, when experience matters. Our goal is to help you navigate a rapidly changing legal, regulatory, and business environment, while enhancing your brand with innovative solutions and protecting it from challenges.

Read Our Privacy Counsel Blog

Read the premier legal blog for data security news and insights.

Our Focus

The regulatory environment for privacy and data security changes rapidly, almost daily. ArentFox Schiff helps clients navigate this reality.

Our Privacy, Cybersecurity & Data Protection team advises a diverse set of companies, including well-known brands in the advertising, consumer products, data, health care, hospitality, media and entertainment, nonprofits, trade associations and industry coalitions, retail, and technology sectors.

As industry insiders on privacy, information governance, and data security, our group helps clients establish best practices and comply with state, federal, and global laws, regulations, expectations, and norms, while providing sophisticated legal and business solutions that anticipate tomorrow’s opportunities and challenges.

group_281474976710656

group_67108864

Meet Our Team

Areas of Focus

Breach Preparedness & Response

Consumer Data

Cyber Policy

Data Ethics

Litigation & Investigations

Privacy Compliance

Insights on Privacy, Data Protection & Data Security

Our Team

Our team, with decades of experience in the field, frequently advises clients on how to safeguard their data, and how to maintain trust with business partners, employees, and consumers, whether around the corner or around the globe.

The firm stands apart because of our experience and our integrated and innovative approach to problem-solving. From regulatory requirements and transactional counseling to managing breaches, investigations, and new technologies, we are a destination firm for companies looking to protect and grow their brands with innovative solutions and to protect their brands from challenges.

How We Help

Regulatory Compliance
Defense of FTC and state privacy and data security investigations
Data breach response, recovery, and notification
Privacy litigation, including defense of matters under the California Invasion of Privacy Act (CIPA) and the Video Privacy Protection Act (VPPA)
General Data Protection Regulation (GDPR) compliance California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA) and other state law compliance and defense
Health information privacy, data security, and breach notification
Internal investigations and governance programs
Internet of Things (IoT) compliance
Data protection agreements
NIST, ISO, PCI-DSS, and other security standards compliance
Payment security and mobile payment compliance
M&A, due diligence and, transactional work
Data protection agreements