Privacy and Data Cybersecurity

For a list of attorneys, please see below.

California leads the nation in protecting the privacy of California residents and in holding companies to account for the collection and use of personal information, as well as its protection from hacking and unauthorized use and disclosure. We have experienced lawyers who have held CIPP/US certification and advised major online technology companies on creating compliant privacy policies, designing products using “privacy by design” practices, and addressing best practices in cybersecurity for technology companies and for managed services providers.  We can give you practical advice around data does and don’ts in the following ways (and more):

Privacy Law

• Create or update privacy policies in compliance with California Consumer Privacy Act (CCPA) of 2018, as amended by California Privacy Rights Act (CPRA), the federal Children’s Online Privacy Protection Act (COPPA) and California Online Privacy Protection Act of 2003 (CalOPPA) (if applicable)
• Compliance with California’s “Online Eraser” law (Privacy Rights for California Minors in the Digital World)
• Advise on General Data Protection Regulation (GDPR) and cross-border data transfers
• Advise on CAN-SPAM Act for email campaigns and the Telephone Consumer Protection Act (TCPA) for telemarketing calls and texting campaigns
• Advise on FTC Telemarketing Sales Rule and Do-Not-Call registry

Data Cybersecurity

• Prepare Acceptable Use Policies for employees
• Draft and negotiate Data Processing Agreements (DPAs) and Binding Corporate Rules (BCRs)
• Advise on Incident Response Plans and reporting obligations under California’s Data Security Breach Reporting provisions
• SOC 2 Compliance and Audits
• Advise on penetration testing (pen testing)