practice area icon

Privacy & Cybersecurity

Complying with the complex web of state and federal privacy and data security laws is more important than ever, considering the increasing risk of government enforcement and consumer class actions. We help clients navigate this challenging legal landscape of privacy law acronyms (CCPA, CPRA, GDPR, GLBA, HIPAA, etc.), with a sharp eye on our clients’ business needs. We also defend clients in government enforcement actions and class action lawsuits resulting from alleged privacy law violations and data breaches.

Ready to get started?

Submit your case online

Privacy laws are complex. We can help.

Our privacy and cybersecurity practice offers full-service solutions from evaluating ongoing compliance requirements, to preparing privacy policies and contracts, to litigating high-stakes data privacy and security cases.

Our team stays updated on emerging and evolving privacy and cybersecurity laws to efficiently and expertly counsel clients on a range of issues from routine regulatory compliance to complex and novel situations, and we help businesses minimize legal risks while meeting commercial objectives.

We have years of experience navigating the ever-growing patchwork of state, federal, and international privacy and data security laws that are applicable to internet and technology businesses.

We help counsel clients on a wide variety of privacy and cyber laws, including the California Consumer Privacy Act (CCPA) and the newly-passed California Privacy Rights Act (CPRA). We also assist clients navigating the European Union’s General Data Protection Regulation (GDPR), state data breach and other data security laws, the Telephone Consumer Protection Act (TCPA) and Telemarketing Sales Rule (TSR), the Restore Online Shoppers’ Confidence Act (ROSCA), the Electronic Funds Transfer Act (EFTA), California’s Automatic Renewal Law (ARL), the Fair Credit Reporting Act (FCRA), the Children’s Online Privacy Protection Act (COPPA), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and federal and state anti-SPAM laws.

Our firm has represented defendants in high-stakes litigation involving data privacy and data breach issues, including investigative and enforcement actions by the Federal Trade Commission (FTC) and state Attorney Generals, as well as in private litigation. We also advocate for victims of unauthorized hacking and security breaches.

Our attorneys have a depth of knowledge on preparing tailored and informative privacy policies and other privacy agreements for a wide range of business models, including for social media companies and platforms, high-risk e-commerce and other online merchants, affiliate and other internet advertising companies, lead generation businesses, communications providers, and technology companies. We understand the growing and complex realm of internet and technology laws, including regarding the Internet of Things and artificial intelligence.

We also advise clients on measures to strengthen compliance with data security regulations, and we represent clients involved in data breaches, including where companies and victims need to take action quickly to remediate security vulnerabilities and determine what sort of notification, if any, needs to be provided to consumers and state Attorneys General.

We welcome you to submit the details of your privacy or cybersecurity matter using our online case submission form or by calling us at 415-955-1155, ext. 120.


+ Represented a financial services client in a swift settlement with the FTC, which alleged privacy and security violations, and advised client in ongoing privacy and security compliance.

+Represented restaurant and hospitality conglomerate regarding a data breach and extortion matter.

+Advised a major digital media company concerning how the theft of its encrypted database of users may have triggered state data breach laws.

+Advised a client on the investigation of the theft of a Fortune 500 company's database containing customer information and credit card numbers.

+Represented the U.S. Chess Federation in a lawsuit involving unknown parties hacking into the email account of a member of the board of directors of our client and stealing information regarding the internal investigation of two other directors of the organization.

Read More

+Advised tax consulting business involved in a data breach on how to mitigate the harm and provide legal notices to consumers and law enforcement.

+Represented a top retailer of ink and toner products in lawsuit against former employee who gained unauthorized access to client’s server, took trade secrets and disclosed them to ex-employee’s new employer, which was a direct competitor of our client.

+Represented a medical records imaging technology company in a lawsuit against an unknown person who hacked into the client’s network.

Have a Privacy & Cybersecurity Matter?

We welcome you to submit your details using our online case submission form

Submit your case online


by giving us a call at


ext. 120 for new legal matters

Open Newsletter Signup Popup