Network engineer check racks at data center

Privacy, Cybersecurity & Data Protection

Smart In Your World
Data collection and storage has become a ubiquitous part of doing business, but the challenges of navigating the web of regulations can be daunting.

Our Focus

ArentFox Schiff’s interdisciplinary team of privacy, cybersecurity, and data protection attorneys handle the full scope of data security and protection issues. We serve a broad range of clients navigating Big Data today in spaces as diverse as health care, nonprofits and trade associations, telecommunications, retail, consumer products, gaming and entertainment, and media.

Our team advises fintechs, online lenders, and bank vendors on various matters involving: consumer loans, Terms of Use, disclosure issues, mobile banking technology, data privacy/protection, alternative credit scoring models, virtual currency, regulatory sandboxes and innovation, and general corporate compliance counseling. When regulatory or legal issues emerge, our team helps both established and emerging companies present their perspectives and present solutions in a way that allows business leaders to achieve their objectives before investors, agencies, and business partners.


We Plan Your Data Playbook

Our national team routinely advises on the biggest trends in privacy and data security, serving our clients at the local to international level. 

We regularly advise clients on how to protect their data at every stage, from advice and counseling to investigations, incident planning and response, insurance, and litigation.

How We Help

  • Internal security and governance programs
  • Ransomware incidents
  • Internal investigations in response to data incidents
  • Federal- and state-level regulatory compliance including FTC, FCC, and AG guidance and enforcement
  • Cyber threats and new technology systems
  • NIST, ISO, PCI-DSS, and other security standards
  • Payment security and mobile payment trends
  • Aggregate and anonymized data collection in advertising
  • Internet of Things (IoT)
  • Cross-border data transfer issues
  • EU General Data Protection Regulation (GDPR)
  • EU-US Privacy Shield
  • California Consumer Privacy Act (CCPA)
  • Biometrics and facial recognition
  • IT and third-party vendor agreements
  • Health information privacy, security, and breach notification

Key Contacts