Data Privacy and Security

Donahue Fitzgerald’s data privacy and security practice addresses the fast-developing challenges posed by California’s privacy laws and the patchwork of other state, federal, and international laws that regulate how a business collects, uses, shares, and disposes of the information that is critical to its operations.

Numerous states including California have enacted privacy laws designed to increase protections for consumers’ personal data, provide consumers with certain rights to control their personal data, and regulate businesses’ use of consumers’ personal data, including sensitive personal data.

These state laws require that businesses have privacy notices that contain specific information and give consumers (and employees) rights, such as the right to access, correct, and delete their personal information, to opt out of the sale of their personal information and its use for targeted advertising and automated decision-making, and to consent to, or opt out of, the use of their sensitive personal information. Businesses are required to protect personal information, conduct privacy assessments, and not give consumers less favorable terms when they exercise their rights. The laws also contain special protections for children, purpose limitations, data minimization requirements, and required provisions for contracts with service providers.

In response to this explosion of privacy laws, both nationally and internationally, Donahue Fitzgerald provides expert guidance, insight and successful litigation defense to our clients in industries ranging from technology to financial services, subscription-based services, hospitality, advertising and creative services throughout the United States and globally.

Compliance

Recognizing the complex nature of the current privacy legal landscape, we work closely with our clients to help them navigate state and international data privacy laws. We develop privacy policies for websites and applications, document retention policies for businesses, and other internal policies and materials for data privacy compliance as well as advise clients regarding compliance with:

    • the California Consumer Privacy Act (CCPA),
    • the California Privacy Rights Act (CPRA),
    • the Telephone Consumer Protection Act (TCPA),
    • the Children’s Online Privacy Protection Rule (COPPA),
    • the Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM),
    • the Electronic Communications Privacy Act (ECPA),
    • other U.S. state laws, including with regards to Colorado, Illinois, Texas, and Virigina, and
    • the General Data Protection Regulation (GDPR)

Vendor Contracts

Our team manages relationships and drafts contracts between our clients and their vendors/third parties to ensure they adequately protect our client’s confidential data and personal information.

Privacy Policies and Notices

We develop and review privacy policies and notices for clients to ensure they are compliant with applicable state and federal laws, and that they meet the needs and goals of the business. Whether it’s an internal privacy policy or notice to employees, a privacy policy for consumers, or reviewing privacy provisions in M&A agreements and other transactional agreements, our team provides guidance to each client in order to create robust policies and notices.

Data Privacy and Security Litigation

Our team includes experienced litigators prepared to step in should data loss lead to litigation. We defend businesses in matters involving misuse of confidential or personal information, including trade secret cases and claims involving misappropriation of confidential information.

Incident Response

A business’s response to a data breach is critical. Our team quickly assesses our client’s legal obligations under applicable state and federal laws. If Personal Information is involved in the data loss, we develop data breach response plans and disclosure responses to mitigate damages, further data loss, and harm to third parties and the business.

Our team strives to provide practical advice on privacy and security issues while making the complex and sometimes conflicting obligations imposed by these laws easy to understand and manageable. Ultimately, our goal is to help our clients balance compliance with running a business in a cost-effective manner.

Attorneys

Arun P. Bose

Arun P. Bose

Senior Counsel

abose@donahue.com

Stephanie L. Gonzalez

Stephanie L. Gonzalez

Associate

sgonzalez@donahue.com

Hayley M. Lenahan

Hayley M. Lenahan

Partner

hlenahan@donahue.com

Dawn Newton

Dawn Newton

Partner

dnewton@donahue.com

Related Articles/News

Related Practice Areas

Intellectual Property

Donahue Fitzgerald combines expertise and passion to provide the best service to our clients in all areas of intellectual property (IP), including trademark, and copyright. We specialize in licensing and legal services unique to…
Business and Corporate

Donahue Fitzgerald specializes in advising public and private companies, from high-tech start-ups to Fortune 500 companies, regarding corporate transactions, institutional and venture financings, and commercial matters.  Our attorneys represent clients in the formation, financing,…
Employment

California’s management leaders confront the considerable challenge of complying with employment laws on a daily basis.  Regular changes in California and federal laws continue to expand employee rights and create additional liabilities for employers, requiring businesses and public enterprises to manage…