Find Lawyers in America for Privacy and Data Security Law
Practice Area Overview
Most privacy laws outside the United States are “omnibus privacy laws” that protect all types of personal data. These laws specify permitted uses of personal data and establish the conditions under which it is legitimate and lawful to process it. They are often supplemented by sectoral laws, for example for the protection of health care data.
The United States, on the other hand, does not yet have a national law that protects all categories of personal data, and instead has opted for a sectoral approach. It relies on a patchwork of state and federal laws that regulate some – but not all – categories of personal data. These laws tend to create limits on what can be done with the personal data collected, but there is little limitation on what can be collected. In most cases, all uses of personal data are permitted unless a law or regulation specifically prohibits them. In addition, the Federal Trade Commission and State Attorneys General play a significant role in defining acceptable practices.
Data privacy cannot exist without keeping data secure. Adequate security measures are necessary to protect the authenticity, confidentiality and integrity of information. Measures designed to provide data security are generally grouped in three categories: physical security measures, administrative security measures, and technical security measures. Data security laws tend to require companies to implement appropriate security safeguards. In addition, an increasing number of countries are adopting security breach disclosure laws that require entities to notify government agencies and the affected individuals, when a breach of security has caused the theft or unauthorized disclosure of personal data.
Attorneys working in the field of privacy and data security law help companies navigate the often-complex requirements of privacy and data security laws. They advise companies on a wide range of privacy and data security measures, assisting companies in ensuring that their data collection and processing practices, data transfer procedures, privacy policies, and marketing activities are compliant with the relevant domestic, international, privacy, and data security regulations and laws.
Corporate Law & Commercial Litigation Legal Guide 2023
View Legal GuideSelect a location from the list below to find the best legal talent for your needs.
State
Ian Ballon is an intellectual property and Internet litigator who represents clients in copyright, DMCA, trademark, trade secret, right of publicity, privacy, security, software, database and Internet disputes and in the defense of data privacy, behavioral advertising and other Internet-related class action suits. Mr. Ballon, who splits his time between the firm's Silicon Valley and LA offices, is the author of the four-volume legal treatise, E-Commerce and Internet Law: Treatise With Forms 2...
Kristy McAlister Brown is co-chair of the firm's Litigation & Trial Practice Group and leads the firm’s Privacy and Cybersecurity Litigation Practice Team. Ms. Brown focuses her practice on complex commercial litigation, with an emphasis on class actions and privacy and cyber litigation. She has defended putative class actions across the country and has a strong track record of defeating class certification—both at the trial and appellate levels. Ms. Brown is an experienced pr...
Maki DePalo is a client advocate and a problem solver who leverages more than a decade of technical leadership and international business experience as an integral component of her law practice. She advises clients on global data privacy, cybersecurity, California Consumer Privacy Act of 2018 (CCPA) compliance programs, incident preparedness initiatives, and technology transactions, enabling businesses to successfully navigate new challenges in an ever-evolving digital landscape. Maki’s...
Jason Epstein is a business attorney and a partner in the Nashville and New York office. Mr. Epstein is the co-head of the Technology and Procurement Industry Group for the Firm. Mr. Epstein and the technology team provide legal services to buyers and sellers of technology both domestically and internationally in various industries, from Fintech and HealthIT to auto and manufacturing. Mr. Epstein has experience in business and technology negotiations from both the vendor and buyer perspective...
Jason C. Gavejian is a principal in the Berkeley Heights, New Jersey, office of Jackson Lewis P.C. and co-leader of the firm’s Privacy, Data and Cybersecurity practice group. Jason is also a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals. As a Certified Information Privacy Professional (CIPP/US), Jason focuses on the matrix of laws governing privacy, security, and management of data. Jason is co-editor of, and a regular c...
Kamal Ghali is a co-founder of Chaiken Ghali LLP, a former federal prosecutor, and a top-ranked white collar criminal defense and business litigation attorney. Over the last eighteen years, Mr. Ghali has handled some of the biggest criminal and civil cases in the country, including high-profile white collar criminal fraud investigations and trials; high-stakes business disputes involving racketeering (RICO) and fraud allegations in state and federal court; and a range of international cyberse...
Alreen Haeggquist is the Managing Partner at Haeggquist & Eck, LLP. Motivated by the pains of her childhood, Alreen became a lawyer and has been standing up for those who have suffered sexual assault, sexual harassment, discrimination, and retaliation for 20 years. Alreen is a best-selling author of Fired Up: Fueling Triumph from Trauma. She shares her deeply personal story of childhood abuse and the steps she took to overcome the long-lasting effects. Her lived experience and trauma-info...
Jim is a partner in the Technology and Privacy Group and co-chairs the firm’s Privacy & Security task force and the firm’s Cybersecurity Preparedness & Response Team . Jim’s practice involves board-level and enterprise-wide issues at the intersection of global cybersecurity, privacy, technology and data initiatives. Given his decades-long experience in the technology space, Jim was one of the first lawyers in the United States to focus on the criticality of privacy a...
Elizabeth ("Bess") Hinson is a privacy and cybersecurity attorney in Holland & Knight's Atlanta office. Ms. Hinson focuses her practice on cyber and data risk management and governance, breach preparedness and response, crisis management and global data privacy compliance. Ms. Hinson represents clients at all stages of incident response from investigation, notification, remediation, managing privacy class action risks, and defense of litigation and regulatory inquiry. She regularly counse...
Kelly represents hospitals, physicians, payors, and companies in the health care sector in complex litigation. In addition, Kelly regularly counsels health care providers, including FQHCs, alcohol and drug agencies, mental health providers and physicians; technology vendors; and other businesses on corporate compliance standards, best practices and corporate governance matters, and on the potential collateral consequences of business decisions. She routinely advises boards and helps board com...
David F. Katz Shareholder PRACTICE AREAS Privacy, Cyber Security, Data Management, Cyber Incident Response and Investigations, Technology Transactions, Financial Regulatory and Technology, Corporate and Business Transactions, Criminal Defense EDUCATION The University of Baltimore School of Law, J.D. 1999 The University of Georgia, B.A. 1996 Mr. Katz serves as counselor and advisor to the C-Suite and General Counsel for both public and private companies. Mr. Katz previously served as senior le...
David Keating focuses his practice on matters involving technology and data. David is one of the co-leaders of the Privacy & Data Security Practice at Alston & Bird. He has advised clients on privacy and security issues arising along the entire data lifecycle for more than 15 years. He assists clients with compliance strategies, policy development and implementation, data monetization and data use analyses, new product development, privacy and security issues in transactions, and priv...
Brian J. Lamoureux is a Partner with Pannone Lopes Devereaux & O’Gara LLC and a member of the firm’s Litigation, Employment, Cyber Law and Corporate & Business teams. He is also Assistant Professor of Practice (Business Law) at Providence College, his alma mater. His extensive practice areas include complex commercial litigation, employment law, construction law, social media law, and creditors’ rights. In addition to being an accomplished business litigator, he is a...
Amy S. Leopard is a partner in our Health Care practice and co-chairs our Privacy and Information Security Team. She practices business law and advises a diverse array of clients in health care and technology industries. Amy is a valued business advisor in corporate matters involving health care and information technology law. She provides trusted counsel to health care providers, entrepreneurs, and service providers on licensing, payment, regulatory compliance, privacy and technology issues....
Kevin Levy is a business, corporate and technology attorney. For over a decade, Kevin has represented global technology companies, as well as local entrepreneurial ventures. He has extensive experience providing strategic counseling and negotiating transactions for both U.S. and foreign-based clients. Kevin is frequently interviewed by the media on current business and technology law issues and trends, and he has received awards for his business and technology law practice from The Best Lawye...
Prior to joining Barnes & Thornburg, Brian served as in-house counsel to an intellectual property consulting and investigations firm where he advised Fortune 1000 corporations on complex IP, anti-counterfeiting, and brand protection strategies. Brian is a member of the International Association of Privacy Professionals (IAPP) and serves as Subcommittee Chair for the inaugural Data Protection Committee of the International Trademark Association (INTA). He has been appointed to the Terralex...
Mr. Moulsdale co-chairs the Cyber Security, Information Management & Privacy practice at Whiteford Taylor & Preston. His practice focuses on licensing, IP, data security, privacy and other e-commerce and technology-related legal issues that organizations face, both in the U.S. and internationally. He regularly counsels a wide range of organizations – including financial institutions, software vendors, and trade associations – in connection with their most significant data ...
Mehmet Munur is a Partner at Tsibouris & Associates, LLC. He concentrates his practice in the areas of technology, information privacy and security, and financial services regulation. Mehmet works on contracts for internet-based services, including drafting and negotiating software licenses or Software-as-a-Service ("SaaS") agreements, terms of use, privacy policies and other technology agreements. Mehmet regularly advises clients on technology outsourcing agreements, servicing, financing...
Dan Murphy’s practice has focused exclusively on healthcare transactional and regulatory matters for the past decade. He has represented all types and sizes of healthcare providers, from publicly-traded national hospital, dialysis, and ambulatory surgery center companies, to independent surgery centers and pharmacies, physician practices, and individual physicians. In representing providers, Dan brings a holistic view to healthcare deals and compliance issues that incorporates an unders...
Jeffrey G. Muth has been practicing law since 2000 and is chair of the firm's Privacy and Data Security practice. His practice involves complex commercial litigation and corporate counseling with a niche in insurance coverage. In addition, he is experienced in alternate dispute resolution including arbitration and mediation. Mr. Muth attended and completed the Program on Negotiation at Harvard Law School “Mediating Disputes.” He is also an approved mediator for the United States D...
A former DOJ cybercrime prosecutor and former director of PwC’s cyber forensics group, Kim delivers top of the line cyber risk management and information security counsel to her clients. As co-leader of our Privacy, Cyber & Data Strategy Team and National Security & Digital Crimes Team, Kim is recognized by select publications and is frequently quoted by the media. Kim Peretti is co-leader of the Privacy, Cyber & Data Strategy Team and National Security & Digital Crimes ...
Steven Richard is a highly experienced trial and appellate lawyer who handles complex commercial, employment and higher education cases throughout the federal and state courts of Rhode Island, Massachusetts and Connecticut. Steve is especially active in the Rhode Island Federal District Court, where he serves as the Chair of its Local Rules Committee. What do you focus on? I handle a broad array of commercial, civil rights and higher education cases, using more than 20 years of pretrial and c...
Stephanie M. Rippee is admitted to the Mississippi and Tennessee Bars. For more than 20 years she has sought to creatively and efficiently resolve legal matters for clients. Her practice focuses on commercial litigation and product liability litigation. She is a recognized public speaker and author and has been selected by Mid-South Super Lawyers as one of the Top 50 Lawyers in Mississippi.
Michelle Schaap practices cybersecurity and corporate law. Within corporate law, she primarily practices in construction, franchising and renewable energy – representing a varied client base that ranges from Fortune 500 companies to closely-held businesses. Cybersecurity Combining her technology and corporate experience, Michelle has spearheaded and developed CSG’s cybersecurity practice. She regularly advises clients on cybersecurity preparedness, counsels clients when data secur...
Mark E. Schreiber focuses his practice on cybersecurity, data breach response and global privacy coordination. He advises entities facing cross-border data protection, the General Data Protection Regulation (GDPR), Privacy Shield and related issues, strategic decisions, cyber assessments and investigations. Mark has led numerous multi-national and cross-border matters, including those involving data breaches, data transfer and credit card/PCI matters. He has advised senior management, boards,...
Sherrese Smith is the Global Managing Partner of Paul Hastings. As Global Managing Partner, Ms. Smith helps direct the growth, management, and strategy of the firm. Ms. Smith previously served as the Vice Chair of the Data Privacy and Cybersecurity practice. She is known as one of the country’s preeminent Data Privacy and Cybersecurity and Media and Technology attorneys. Consistently ranked as a leading lawyer in Chambers USA and Legal 500, she is recognized throughout the legal, media,...
Represented telecommunications sales management software developer in licensing, copyright and trade secret dispute before three member AAA panel Represented international flooring manufacturer in patent infringement suit before International Trade Commission Represented mobile office and storage leasing company in patent infringement matter Represented publicly traded company in federal trademark disputes Represented City of Baltimore in negotiations with telecommunications carriers for inst...
Jenell Trigg is the chair of Lerman Senter’s Privacy, Data Protection and Cybersecurity Practice Group and is a Certified Information Privacy Professional (“CIPP/US”) under the International Association of Privacy Professionals. She specializes in privacy, data protection and cybersecurity issues, intellectual property concerns, and government regulation of the internet and new technologies. Jenell also maintains a varied practice in broadcast, wireless, cable, internet, and...
Todd Vare is a trial and appellate advocate focused on protecting his client’s intellectual property and counseling on their data security and privacy needs. Todd is client-focused, staunchly loyal to those he serves, and passionate about the law and innovation. He is at his best where advocacy, business and competition intersect. Todd advocates for his clients in complex, high-stakes litigation involving patents, trademarks, copyrights, trade secrets, technology licensing, software dev...
Tom Vincent is a shareholder at GableGotwals and is a Certified Regulatory Compliance Manager and Certified Information Privacy Professional/United States. He brings extensive experience in regulatory compliance to his practice, having served as Chief Compliance Officer for different financial institutions, as well as Anti-Money Laundering Compliance Officer, responsible for ensuring compliance with a myriad of requirements, including customer protection, privacy, information security, corpor...
Our Methodology
Recognition by Best Lawyers is based entirely on peer review. Our methodology is designed to capture, as accurately as possible, the consensus opinion of leading lawyers about the professional abilities of their colleagues within the same geographical area and legal practice area.
The Process
Best Lawyers employs a sophisticated, conscientious, rational, and transparent survey process designed to elicit meaningful and substantive evaluations of the quality of legal services. Our belief has always been that the quality of a peer review survey is directly related to the quality of the voters.