Overview
Rothwell Figg's Privacy and Data Protection practice is guided by a team with an extraordinary level of specialized knowledge and deep technical backgrounds in fields directly related to this rapidly evolving practice area, including artificial intelligence and computer/data science. The majority of our team members are also Certified Information Privacy Professionals in the United States (CIPP/US).
Privacy is no longer an issue that only certain businesses have to consider. Privacy is something that every business should address (and re-address, regularly). That said, we also realize that not all companies' privacy and data protection issues are the same, and there is no “one size fits all” solution. We are adept at surveying our clients to determine what privacy laws apply and their goals, and working with them – and their budget – to address their privacy needs. We work with our clients to determine updates to data maps, draft privacy policies, and conduct annual reviews and updates of privacy policies.
We also help our clients tackle privacy-related issues that arise due to changes in their business, changes in the law, and/or decisions from courts or administrative agencies. Some of these issues involve apparent conflicts in the law (e.g., privacy law says to disclose, and trade secret law says to maintain as confidential); newly-evolving areas of the law (e.g., does use of artificial intelligence need to be disclosed in a privacy policy); and how “old laws” should apply to new technologies (e.g., are websites using chatbots violating wiretapping laws). We have advised clients across a diverse range of industries, from high fashion to publishing, medical technology, and manufacturing.
We also track state privacy laws and privacy-related court and administrative agency decisions, and provide counselling and tutorials to clients on the ever-evolving landscape. We have guided clients through numerous statutes and regulations. Some of the more common statutes that we have advised on include the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Illinois' Biometric Information Privacy Act (BIPA), and Washington’s pending My Health My Data Act (MHMDA). We have also advised on some more targeted privacy laws, such as the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), state wiretapping laws, and the Telephone Consumer Protection Act (TCPA), among others.
In addition to advising clients on privacy matters, our privacy and data protection team advises clients on a variety of other data protection issues and subject areas, including: artificial intelligence (AI)/machine learning, data scraping practices, Internet of Things (IoT), cryptocurrency, bot mitigation, blockchain, fintech, bioinformatics, connected device technology, wearables, big data, computer science, and adtech/targeted advertising. Once we gain a thorough and detailed understanding of a client’s business, we work across the entire data life cycle, from creation to processing, aggregation, and transmission. Our team’s deep technical knowledge is a real asset in being able to partner with our clients to address new legal issues with developing technologies.
We emphasize a hands-on, business-oriented approach in all of our counselling. We give clients workable, real-world guidance in the legal implications of data-related issues. We see our role as providing clients with specific, applicable recommendations, as well as assisting them in foreseeing potential issues, all provided in the context of their specific business goals. Even cutting-edge, technology-oriented companies are often unaware of the risks and potential liabilities embedded in their everyday operations. We help them daylight it, and manage it.
