Our Privacy and Cybersecurity Team provides practical and comprehensive counseling and litigation solutions to address the privacy and data security concerns and compliance issues that companies must grapple with today. In light of the California Consumer Privacy Act (CCPA), which affects many companies in and outside of California, we help companies fulfill data disclosure,  handling, and protection requirements, create critical data breach mitigation strategies and pre-incident response plans, and comply with applicable state and federal laws governing data breach incidents.

Data Breach Strategy and Response

In the event of a suspected or actual data security breach, we provide companies with strategic advice and counsel not just to comply with applicable legal requirements, but to help protect their finances and business reputations to the extent possible despite any such incident. We assist companies on all aspects of their responses to incidents, including securing any available insurance coverage, coordinating the forensic investigation, evaluating what notices are required or prudent, assisting with the preparation and sending of notices, and addressing any related potential liability issues and/or litigation.

CCPA Compliance and Litigation

Farella’s CCPA litigation team helps our clients comply with the requirements of the Act and other data privacy legislation, and are prepared to deal with any litigation arising under such laws. In the event of a suspected or actual data security breach, we provide companies with strategic advice not just to comply with applicable legal requirements, but to help protect their finances and business reputations in the short and long term. Our comprehensive approach includes securing available insurance coverage(s), coordinating forensic investigations, evaluating and effectuating all required (or otherwise prudent) notices, and addressing any related potential liability issues and litigation.

Our Multi-Practice Team Provides:

  • Privacy attorneys that review and draft privacy and information security policies, and assist with communication and implementation strategies, including training regarding maintaining reasonable security procedures and practices.
  • Insurance recovery attorneys and an insurance risk management consultant who advise clients on the placement of cyber insurance policies, draft captive insurance “Tech E&O” and stand-alone cyber insurance policies, and work with our clients’ insurance brokers in negotiating the broadest possible coverage in the purchase or renewal of their cyber insurance policies, as well as traditional insurance that may apply to cyber and “Internet of Things” risks (e.g., property, general liability, errors and omissions liability, and directors and officers liability). We handle insurance claims arising out of alleged data breaches, security incidents and privacy violations.
  • White collar defense and government investigations attorneys who help clients handle government reporting and inquiries following a breach, including in some cases, investigation of the incident by government authorities. We also help guide clients through any follow-on enforcement scrutiny and litigation that may focus on the client’s breach response.
  • Intellectual property and technology litigators who have deep familiarity with the latest cloud computing and security/encryption technologies, and have litigated numerous patent cases involving these technologies. Our attorneys also have significant experience handling the types of copyright and trade secret issues that can follow a data breach, and are a valuable resource in the midst of a cybersecurity crisis that can threaten our clients’ businesses and brands.
  • Class action litigators who have tried cases across the nation and will vigorously defend clients when data breaches, and/or other alleged violations under privacy laws, result in private litigation. We are well positioned to take on major class actions and multidistrict litigation, which often follow high profile data breaches or other unauthorized disclosures of personal information.

Firm Highlights

Publication

California Appeals Court Empowers Privacy Agency to Immediately Enforce CCPA Regulations

In  California Privacy Protection Agency et al. v. The Superior Court of Sacramento County  (case number C099130), the Third Appellate District of the California Court of Appeal returned authority to the California Privacy Protection...

Read More
Publication

California AI Proposal Rethinks Consumer Scope and Recordkeeping

The California Privacy Protection Agency will revisit its  draft  regulations for automated decision-making technology on March 8, including use of artificial intelligence to process personal information. Comment periods should be coming soon in 2024...

Read More
Publication

Court Reinstates CPPA Enforcement Authority and Confirms No Delay Necessary for Enforcement of Future CCPA Regulations

A recent appellate decision has made clear that the regulations promulgated under California’s groundbreaking consumer privacy law, the California Consumer Privacy Act (CCPA, as amended by the California Privacy Rights Act (CPRA)), are ripe...

Read More
Publication

California Proposes New AI & Automated Decision-Making Technology Regulations

The California Privacy Protection Agency (CPPA) released its draft  regulatory framework for automated decision-making technology (ADMT) on November 27. These regulations are a preview of what new requirements may look like for companies currently...

Read More
Publication

Thomson Reuters v. Ross Intelligence: AI Copyright Law and Fair Use on Trial

On Sept. 25, 2023, Judge Stephanos Bibas (sitting by designation in the District of Delaware), determined that fact questions surrounding issues of fair use and tortious interference required a jury to decide media conglomerate...

Read More
Publication

BIPA Liability: Existing CGL Coverage May Provide a Lifeline for Policyholders

Developments in the law have increased the potential liability that companies could face under the Illinois Biometric Information Privacy Act (BIPA), but fortunately for policyholders, Illinois case law has also solidified coverage for BIPA...

Read More
Publication

Enforcement of CPRA Regulations Delayed

Shortly before the California Privacy Right Act (CPRA) modifications to the California Consumer Privacy Act (CCPA) were set to become enforceable on July 1, 2023, a Sacramento Superior Court judge issued a ruling on...

Read More
Publication

It Wasn’t Me, It Was the AI: Intellectual Property and Data Privacy Concerns With Nonprofits’ Use of Artificial Intelligence Systems

In today's rapidly changing technological landscape, artificial intelligence (AI) is making headlines and being discussed constantly. To be sure, AI provides a powerful tool to nonprofits in creating content and exploiting for countless cost-effective...

Read More
Publication

Nonprofits’ Use of Artificial Intelligence Systems: Intellectual Property and Data Privacy Concerns

In today's rapidly changing technological landscape, artificial intelligence (AI) is making headlines and being discussed constantly. To be sure, AI provides a powerful tool to nonprofits in creating content and exploiting for countless cost-effective...

Read More
Publication

Top 5 Privacy Cases To Watch, From Chatbots to Geolocation

Litigation — and threats of litigation — related to privacy law violations have been on the rise recently. While some judges have pushed back on the theories set forth by plaintiffs, new privacy lawsuits...

Read More