Jennifer Archie is a partner in the Washington, D.C. office of Latham & Watkins and a member of the firm’s Litigation & Trial Department. She possesses broad investigations, litigation, and counseling experience advising clients from emerging companies to global enterprises across all market sectors in matters involving computer fraud and cybercrime, privacy and data security compliance and program management, advertising and marketing practices, information governance, consumer fraud, employment, and trade secrets. Ms. Archie has particular expertise defending clients in Federal Trade Commission and state consumer protection investigations and preparing for and leading the response to complex and large-scale data breach incidents.
Prior to entering the practice of law, she served as Legislative Assistant and subsequently Press Secretary to Congressman Christopher H. Smith (R-NJ) from 1983-86. She has lectured for various industry, client, and bar groups on diverse topics related to litigation or compliance issues relevant to state and federal computer crime and privacy laws, unfair or deceptive trade practice laws, and social media compliance considerations for regulated industries and public companies.
Ms. Archie is the editor of the Global Privacy & Security Compliance Law Blog, which discusses a wide range of legal developments and controversies involving data protection and privacy issues and practices, transborder data transfers, and data and system security terms and breaches across numerous industry sectors.
Ms. Archie's experience includes:
- Advisor to leading cybersecurity solution providers on legal considerations related to new features, release of research results, vulnerability investigation, reporting and client management, and portals, new product roll-out, and new market channels
- Represent leading vendor of secure collaboration and data room services on all aspects of security readiness, service reliability, incident response
- Supply chain security. Represented power grid vendor in connection with multiple complex cybersecurity and data leakage matters, involving electricity reliability and supply chain security (B2B security promises)
- Advanced malware. Served as lead legal advisor to multiple global enterprises (gross revenues exceeding US$10 billion) following state-sponsored advanced persistent threat cyber-attacks targeting internal corporate data, i.e., where external direct expense on investigation and recovery have exceeded US$25 million
- Insider threat. Lead advisor to technology companies following discovery that critical intellectual property had been improperly handled by employees or vendors, supervising key crisis work-streams such as interrogation of employees, expert forensic investigation, dark web research, and other damage assessment, communications with external stakeholders, and internal remedial actions, and follow on whistleblower issues
- Ransomware. Advised medical device and other organizations regarding global WannaCry ransomware infection impacting critical equipment or systems in use in hospitals worldwide
- Personal data. Supervise forensic, investigatory, insurance, advisory, litigation work-streams in connection with theft or leakage of consumer or employee data on behalf of dozens of clients in consumer, healthcare, retail, professional services, and technology sectors
- Enforcement. Represented multi-billion dollar healthcare provider in HHS investigation and resolution of violations of HIPAA associated with inadvertent leakage of patient data to the internet
- Enforcement. Defending confidential retail client (>US$18 billion revenue) in connection with two successive FTC investigations of adequacy and reasonableness of information security and anti-fraud measures in connection with website and mobile application (closed voluntarily without public disclosure)
- Enforcement. Defended VIZIO in a year-long investigation by the US Federal Trade Commission (FTC) concerning VIZIO's data collection and use practices. In this precedent-setting enforcement action, the FTC established a new industry standard for data collection from Smart TVs
- Selected counsel. Competitively selected as designated outside counsel on data security matters for multi-billion dollar enterprises, across diverse industry sectors for confidential clients, including asset managers, global telecommunications conglomerate, global retail and investment bank, commercial airline, global accounting firms, global engineering firms, healthcare providers, technology companies, online and retail companies
- Investigated, assessed, and remediated compliance with diverse global data protection laws and standards on behalf of multi-billion global enterprise related to use of cloud computing, reasonableness of security program, compliance with laws restricting export of personal data to servers in the United States written policies, and breach preparedness and response
- Advising software-as-service-provider on suspected distributed denial of service attack
- Regularly advising on strategic acquisitions and investments on behalf of large financial institutions, investors, private equity clients on due diligence in connection with investments, acquisitions, and public offerings in connection with cybersecurity risks
- Standing up corporate structure, regulatory compliance, outsourcing agreements for a highly advanced, secure, interoperable technology platform for hospitals or other healthcare industry members, involving the exchange and processing of Protected Health Information to support treatment decisions