Data Privacy

Latham lawyers help companies ensure the privacy and security of the data they collect, store, and process as ongoing digitization increases regulatory and competitive pressure. The utility and accessibility of data now supports ‎and drives the strategy of businesses globally. As the regulatory environment evolves and becomes increasingly complex, Latham helps clients adopt compliant strategies that enable them to both protect and leverage data.

Why Latham

Data is now the most valuable asset for many organizations, but if not adequately managed, it can be a critical liability. Latham lawyers help companies to develop new products, business models, and revenue lines by understanding and utilizing data effectively. The true value of data is evidenced by the prolific rise of data-centricity at the consumer and board level. Latham’s dedicated practitioners help companies balance the need to derive value from their data with the need to keep on the right side of regulators.

Latham helps companies stand up a robust privacy governance structure, supported by the tools needed to ensure day-to-day privacy compliance. Latham operates a “privacy by design” approach and frequently works with the firm’s outsourcing, commercial contracts, and digital practitioners to assist clients in developing compliant enterprise-wide solutions.

The firm provides a global and integrated team of practitioners, operating across borders to advise clients on the collection, use, and transfer of employee and consumer data, including in relation to the export of personal data to countries outside the European Economic Area (EEA), global data sharing structures, and the application of United States (US), European Union (EU), and global information laws. Latham lawyers structure, document, and audit privacy policies to help organizations implement operational processes and data protection procedures that are compliant with relevant legislation. Such legislation includes national, EU, federal, and state laws, such as the Gramm-Leach-Bliley Financial Services Modernization Act; EU General Data Protection Regulation (GDPR); E-Privacy Directive; Network Security Law; Fair Credit Reporting Act; Telephone Consumer Protection Act; CAN-SPAM; and Children’s Online Privacy Protection Act, among others.

Notably, the firm’s experienced healthcare information lawyers advise on compliance obligations imposed under a variety of sources of regulation, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), Federal Trade Commission (FTC) guidance, and state privacy and security laws.

Latham lawyers offer pragmatic, commercial advice that allows clients to leverage and monetize the wealth of information at their fingertips, while meeting global privacy requirements. Latham helps craft data exchange and analytics agreements to enable companies to exploit big data.

Latham helps organizations navigate privacy incidents and regulator investigations, as well as advising on the privacy implications of information requests in civil litigation and from global law enforcement authorities. Latham lawyers strive to — and often do — secure voluntary closing of regulatory inquiries. When unattainable, Latham works vigorously to obtain the best possible outcome for clients, leveraging the firm’s deep knowledge of regulators and their requirements. Latham lawyers routinely defend high profile privacy and data security cases on behalf of companies of all sizes — from leading global enterprises defending cross–border proceedings, to small emerging companies defending consumer class actions. 

In addition, the firm’s practitioners advise on privacy and cybersecurity due diligence in M&A transactions, and help clients to understand and mitigate risk in the acquisition and financing process.

Whether a client is just getting started on a project involving big data or looking to assess the privacy and security of the data they own, Latham’s team of information law and privacy practitioners is here to help.

Our Experience

Awards & Rankings

  • Latham Named to BTI CyberSavvy 16 - March 25, 2020
  • Latham Named 2019 Cybersecurity & Privacy Group of the Year - January 28, 2020
  • Litigation & Trial Partner Again Named to “Incident Response 30” List - April 22, 2019
  • Latham Again Named Technology Group of the Year - February 18, 2019
  • Data Privacy & Security Partner Named a Top Cyber Lawyer in California - January 22, 2019

“The team is very experienced and good at combining business and regulatory objectives.”

Chambers Global 2017


NYU Annual Women Leaders in CybersecurityInstitutional Asset Management SymposiumPrivacy + Security Forum

Media Coverage

16 Firms Score GCs' Praise For Cyber SavvinessDaily Dicta: Latham’s Billion Dollar LitigatorTechnology Group of the Year: Latham


Latham Named to BTI CyberSavvy 16 Litigation & Trial Partner Again Named to “Incident Response 30” ListLatham Releases The Book of Jargon® – Cryptocurrency & Blockchain Technology

Thought Leadership

New Penalties for Data Controllers and IT Companies in RussiaData Protection Impacts for UK Businesses Under UK Withdrawal AgreementHong Kong Considers Sweeping Changes to Privacy Laws