Twitter Logo Youtube Circle Icon LinkedIn Icon

United States > Media, technology and telecoms > Cyber law (including data privacy and data protection) > Law firm and leading lawyer rankings


Index of tables

  1. Cyber law (including data privacy and data protection)
  2. Data Privacy and Data Protection
  3. Leading lawyers: Hall of Fame
  4. Leading lawyers
  5. Next generation lawyers
  6. Rising stars

Next generation lawyers

  1. 1

Rising stars

  1. 1
Clifford Chance Ė Their Voices

Baker McKenzie LLP assists clients with a full spectrum of cybersecurity and data protection matters, including advisory work, transactions and crisis management, data breaches and incident prevention and response, regulatory and internal investigations, disputes and litigation. The practice is headed by Chicago-based Brian Hengesbaugh. Other names to note are Washington DC-based David Lashway, who is well versed in cybersecurity, crisis management, internal investigations, and complex criminal, civil and administrative litigation; John Woods (DC), Michael Egan (Boston) and Jennifer Seale (DC); Palo Alto-based Lothar Determann, who specializes in CCPA; Chicago-based Amy de La Lama; and associate Brandon Moseberry in Chicago. The client portfolio includes Booking, Geotab and Pizza Hut.

DLA Piper LLP (US)¬†assists clients with compliance in relation to transnational, federal and state privacy and security regulations, industry best practices and self-regulatory initiatives. Based in Washington DC, practice head Jim Halpert¬†has been advising the State Privacy and Security Coalition on stopping a number of bills which reintroduced at the state level asymmetrical ISP-only privacy rules from the FCC, repealed by Congress in March 2018.¬† Miami-based¬†Carol Umhoefer¬†has been assisting Pfizer with all aspects of its GDPR compliance program, while Atlanta-based Saxby Chambliss¬†has been working with the US Chamber of Commerce on a report on the importance of reducing barriers to transnational sharing of cybersecurity threat information. San Francisco‚Äôs Rena Mears, who is well versed in privacy and cybersecurity assessments, program and control design, data mapping and program and vendor-risk management, is another key contact.¬†Margo Tank¬†joined the Washington DC office from¬†Buckley LLP¬†in January 2018, and¬†Andrew Serwin,¬†‚Äėa person of rare skills', joined the San Diego office from Morrison & Foerster LLP¬†in 2019.

Hogan Lovells US LLP¬†provides ‚Äėtremendous help‚Äô to global businesses on cybersecurity governance, compliance and risk management ‚Äď particularly with reference to the EU's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) - as well as breach response and litigation resulting from high-profile data breaches. The practice is headed by the ‚Äėkey author of privacy regulations‚Äô,¬†Marcy Wilder, who specializes in complex cyber-attacks, privacy investigations and data protection work in digital health, and Harriet Pearson. Pearsonhas been assisting consumer credit reporting agency Equifax before the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) with regard to the client‚Äôs 2017 data breach, which affected 145m consumers. Uber and Salesforce are other notable clients. Key contacts also include litigator Michelle Kisloff, the ‚Äėhighly skilled‚Äô Bret Cohen, senior counsel¬†Christopher Wolf¬†and senior associate Paul Otto, who is ‚Äėvery well versed in technical matters‚Äô. Named individuals are based in Washington DC.

The 'excellent‚Äô Hunton Andrews Kurth LLP¬†specializes in large-scale cybersecurity attacks, implementation of GDPR requirements for US-based multinational companies, board advisory work on privacy and data protection, international data transfer mechanisms, compliance with CCPA and the Health Insurance Portability and Accountability Act (HIPAA), and preparation and prevention of cyber events. Practice head¬†Lisa Sotto¬†has been assisting Yahoo! with two huge cyber-attacks and related class action lawsuits and, together with Brittany Bacon, who was made partner in April 2018, has been advising companies such as Western Union and Tiffany on global data protection and privacy. The ‚Äėincredible‚Äô¬†Aaron Simpson¬†and Washington DC-based Phyllis Marcus¬†and Paul Tiao¬†are other key contacts. Named individuals are based in New York unless otherwise indicated.

‚ÄėAt the top of its game‚Äô,¬†Morrison & Foerster LLP¬†focuses on high-profile data breaches, enforcement actions and privacy compliance matters. Clients span the consumer products, manufacturing, retail, healthcare, pharmaceutical, transportation, food and beverage, hospitality, insurance and financial sectors. New-York based co-head¬†Miriam Wugmeister‚Äôs ‚Äėguidance and experience is invaluable‚Äô. She has been assisting a number of global industry leaders with their compliance with GDPR and CCPA.¬†Julie O‚ÄôNeill¬†and Purvi Patel, who are based in Washington DC/Boston and Los Angeles respectively, have been acting for Unity Technologies in two putative class actions alleging the violation of the Children‚Äôs Online Privacy Protection Act (COPPA) by Disney and Viacom mobile gaming apps, which use the client‚Äôs software. The ‚Äėmaster‚Äô Nathan Taylor¬†and¬†John Carlin¬†(both based in Washington DC) and New York-based associate¬†Melissa Crespo¬†are other key team members.¬†Kristen Mathews¬†joined the New York office from¬†Proskauer Rose LLP¬†in March 2019.

In January 2019, the ‚Äėunusually skilled litigator‚Äô Douglas Meal,¬†Heather Sussman,¬†Michelle Visser¬†and¬†Seth Harrington¬†joined¬†Orrick, Herrington & Sutcliffe LLP¬†from Ropes & Gray LLP. Sussman leads the newly launched Boston office, which also includes Meal and Harrington; Visser is based in San Francisco. Aravind Swaminathan, who is based in Seattle and co-heads the practice with Washington DC‚Äôs Antony Kim, has been advising the City of Seattle on data privacy and security matters, including data sharing restrictions, protection of law enforcement and sensitive information, public records management requiring technical cyber intelligence as well as the privacy ramifications of new technologies. The team has also acted successfully for Microsoft in a dispute against the US Government, in which the latter‚Äôs ability to obtain emails stored on servers in Ireland was challenged.

Baker & Hostetler LLP specializes in regulatory and litigation issues, focusing on security and risk assessments, proactive training for incident response and compliance counseling, as well as on legal matters related to blockchain, digital currency and artificial intelligence. Practice head Theodore Kobus III from the New York office and Cincinnati-based Craig Hoffman have been advising cable, satellite and broadcast television network QVC on general privacy compliance, including compliance with CCPA, and data incident response plans. The team has also been defending hotel chain Marriott in a number of class actions generated from the massive data breach reported by the client in September 2018. Forever 21 and Hawaii Electric are other notable clients. Washington DC’s Laura Jehl, Houston’s Will Daugherty and New York’s Melinda McLellan are also recommended.

Cooley LLP bases its activities on compliance and strategy, transactional support to clients, breach preparedness and response, as well as privacy and data security litigation and investigation. The practice is headed by San Francisco-based Michael Rhodes and Matthew Brown, who successfully defended Facebook in a number of class actions filed across the country and following the client’s alleged use of 'browser cookies'. The team has also acted in class action litigation for Google, whose product Gmail had allegedly violated the California Invasion of Privacy Act and the Electronic Communications Privacy Act, and for Here Media, dismissing the claim that the client had failed to keep subscribers’ sensitive information secure. Colorado-based David Navetta and New York’s Boris Segalis, who have been advising life science companies, insurance brokers, financial institutions, media organization and retailers on GDPR compliance, are other key members of the team. In January 2019, litigator Travis LeBlanc joined the Washington DC and San Francisco offices from Boies Schiller Flexner LLP.

Debevoise & Plimpton LLP¬†has ‚Äėvery deep expertise‚Äô in a wide range of cybersecurity matters, including incident preparation, response and investigation, related civil litigation and regulatory defense, and national security issues. The practice is headed by Washington DC‚Äôs Luke Dembosky, who is ‚Äėa trusted adviser¬†in very high-stress, high-risk situations‚Äô, and New York‚Äôs Jeremy Feigelson. New York‚Äôs Jim Pastore¬†is ‚Äėincredibly knowledgeable, precise and detailed‚Äô. The team has been advising PayPal, the NBA and other clients on privacy and data security issues, including compliance with GDPR and CCPA. Other highlights include assisting Royal Bank of Canada with the response to a data breach at the client's vendor Expedia.

As ‚Äėone of the most responsive and attentive data security law firms‚Äô,¬†Goodwin¬†is experienced in data breaches and incident response, regulatory investigations, litigation, transactions and M&A, and advice on GDPR. Practice head¬†Brenda Sharton¬†‚Äėhas been advising clients since the early days of data security and privacy‚Äô. Highlights include assisting cloud-based identity and access management provider OneLogin with a data breach in which an unauthorized user gained access to the client‚Äôs US database, and acting for several businesses in consumer class actions, government investigations and enforcement actions alleging violations of the Telephone Consumer Protection Act (TCPA). Washington-DC based Karen Neuman¬†and the ‚Äėvery notable‚Äô David Kantrowitz, who was made counsel in January 2019, are other key contacts. Named individuals are based in Boston unless otherwise indicated.

Latham & Watkins LLP's data privacy and security team is headed by Washington DC’s Jennifer Archie, San Francisco’s Michael Rubin and New York’s Serrin Turner. Archie has been advising consumer electronics company Vizio on global data privacy and security matters, including the client’s potential expansion of smart television sales outside the US and into markets with different data protection laws. Rubin and Serrin have been assisting Facebook as leading global counsel with the investigation, preparation and handling of regulatory submissions and litigation in relation to the client’s September 2018 data breach. The client portfolio also includes Apple, Lyft and LG Electronics.

Brian Finch and Deborah Thoren-Peden head Pillsbury Winthrop Shaw Pittman LLP’s practice from Washington DC and Los Angeles respectively. Finch specializes in cybersecurity, national defense and intelligence policies, while Thoren-Pedersen has advised US-based fintech and bank holding company Green Dot on regulatory and privacy aspects of its acquisition of online distribution channel AccountNow. Mercedes Tunstall, who is also based in Washington DC, assists clients from a wide range of industries with mobile and other e-commerce initiatives, as well as with the use of social networking sites for marketing, customer service and crowdsourcing purposes. Los Angeles-based senior counsel Catherine Meyer, who works with financial institutions, is another name to note.

‚ÄėOn the leading edge‚Äô of cyber law, Proskauer Rose LLP¬†has longstanding experience in privacy and data security compliance, corporate transactions, litigation, labor and employment and healthcare. Litigator Margaret Dale, who is ‚Äėcalm and confident in the stressful cyber law environment‚Äô, advised men's clothing retailer Charles Tyrwhitt on a putative class action brought against the client under the Wiretap Act, obtaining a complete dismissal. Other clients include companies from the telecoms, financial services, insurance, utilities, arts and sport sectors. Associate Tiffany Quach¬†is ‚Äėfantastic to work with‚Äô.¬†Kristen Mathews¬†joined¬†Morrison & Foerster LLP¬†in March 2019. All named individuals are based in New York

Trusted Advisor - with Finnegan

In a cross-platform collaboration between GC magazine and leading IP law firm Finnegan, key partners and senior in-house clients explore the challenges for women in assuming leadership roles in the legal profession.

Reed Smith LLP focuses on litigation, data breaches, compliance and risk management and FTC enforcement. The practice, headed by New York’s Anthony Diana, has been acting as leading counsel on privacy and cybersecurity matters for companies across various industries, including advertisement, healthcare, finance and manufacturing. Diana and Therese Craparo, who is also in New York, have been advising a client on data risk management related to the divestiture of its businesses worldwide. Washington DC’s Gerry Stegmaier, who specializes as a litigator in corporate governance, IP and internet issues, is another name to note. Counsel Xiaoyan Zhang joined the San Francisco office from Mayer Brown, while Mark Melodia and Paul Bond left to Holland & Knight LLP.

Steptoe & Johnson LLP advises clients on global privacy and data security issues, including data breach prevention and response, compliance, regulatory investigations and class action lawsuits following data breaches. New York-based practice head Michael Vatis has been assisting the global supplier of electronic learning products for children, VTech, with the response to a hack of customer information and the resulting US and international regulatory enforcement investigations. Other key team members of the Washington DC office include Alan Cohn, who specializes in cybersecurity, blockchain and distributed ledger technology issues, Stewart Baker and cryptocurrency expert Jason Weinstein.

The ‚Äėup-to-date and comprehensive‚Äô Washington DC-based¬†e-commerce, privacy and cybersecurity¬†team at¬†Venable LLP¬†is headed by ‚Äėtop privacy lawyer‚Äô Stuart Ingis¬†and Emilio Cividanes, who specialize in crisis management and class action litigation, representing clients before Congress, the FTC and other institutions and agencies. Michael Signorelli¬†advises marketers, advertisers, trade associations, e-commerce firms, retailers, social platforms and technology providers on privacy and consumer protection matters. Highlights included acting as general and policy counsel for the Digital Advertising Alliance (DAA) and assisting the American Association of Advertising Agencies (4A) with GDPR compliance. Thomas Boyd¬†joined from¬†DLA Piper LLP (US)¬†in May 2018.

At the ‚Äėvery responsive and creative‚Äô WilmerHale, D Reed Freeman,¬†who heads the practice with the ‚Äėpractical and always available‚Äô Benjamin Powell, has been assisting a fintech company on privacy and data security issues in relation to its use of transaction data to provide advanced analytics, insights, and advertising services to clients. Heather Zachary¬†has been advising Barclays on a joint venture involving the development and launch of an innovative payment technology platform. The client portfolio also includes Google, Adobe and Boeing. All named individuals are based in Washington DC.

Akin Gump Strauss Hauer & Feld LLP assists clients with a wide range of cybersecurity matters, including advocacy and counseling on the CCPA and other regulatory frameworks, compliance work, M&A diligence, data sharing agreements, board advisory work, innovation-related services as well as investigation and litigation. The practice is co-headed by Natasha Kohne and Michelle Reed, who are based in San Francisco and Dallas respectively. Kohne has been advising clothing manufacturer Alpha Industries on the management of an intrusion suffered by the provider of a digital commerce platform used by the client on its website. Reed assisted Texas-based tax and accounting firm Honza with a data breach involving stolen client information. Washington DC’s senior counsel Jo-Ellyn Sakowitz Klein is another name to note. Consumer class action litigators Meredith Slawe, Kathryn Deal and Michael Stortz joined from Drinker Biddle & Reath LLP in 2018.

At Arnold & Porter, Ronald Lee specializes in national security, cybersecurity, and government contracts matters. He and counsel Nancy Perkins have been advising clients on legal and policy aspects of internet, computer networks and cyber operations, including criminal and civil provisions, privacy, intellectual property and encryption. Litigator Kenneth Chernof acted for travel technology company Sabre in obtaining dismissal of a putative class action following a data security incident that affected the client’s reservation technology. New York-based Marcus Asner, who focuses on data breaches, cyber  crime, identity theft and credit card bust-out schemes, is another key contact. Named individuals are based in Washington DC unless otherwise specified.

The ‚Äėvery accomplished and expert‚Äô Richard Eisert¬†and Gary Kibel¬†head Davis & Gilbert LLP‚Äôs New York-based practice. The team is well known for advising clients with ‚Äėintelligence, confidence and clarity‚Äô, particularly on¬†data privacy and security issues related to¬†advertising, marketing and sales promotion law. Highlights included assisting a number of advertising agencies and brands with reviewing their ad tracking activities and promotions in compliance with the Children‚Äôs Online Privacy Protection Rule (COPPA). Counsel Oriyan Gitig, who assists clients with new media, technology and software development, licensing, advertising and intellectual property, ‚Äėexemplifies what an attorney and a professional should be‚Äô.

Gibson, Dunn & Crutcher LLP assists clients with investigations by the FTC and other regulatory bodies, EU data protection authorities’ enforcement, consumer class action litigation as well as criminal referrals and responses to regulatory inquiries. New York-based practice head Alexander Southwell and San Francisco’s Kristin Linsley have been acting for Facebook in a number of consumer privacy actions related to Cambridge Analytica’s alleged misuse of the client’s user data. Michael Li-Ming Wong, who splits between San Francisco and Palo Alto, and Los Angeles-based Eric Vandevelde have been advising Yahoo! on its opposition to plaintiffs’ motion for class certification in relation to the client’s 2016 announcement of two of the largest data breaches in the history of the internet. Uber and MySpace are other notable clients.

Kelley Drye & Warren LLP focuses on the intersection of privacy law, advertising and marketing law, and communications law, specializing in government investigations, practical compliance, and privacy and data protection disputes. Practice head Dana Rosenfeld advises Disney on a wide range of privacy and marketing issues, while Alysa Hutnik has been representing long-term client Dish Network before the FTC in a number of matters involving telemarketing compliance. The client portfolio also includes Bacardi and Harvard Business Publishing. Associate Jennifer Wainwright is recommended for her regulatory and transactional work with communications service providers. Named individuals are based in Washington DC.

Loeb & Loeb LLP’s practice is jointly led by New York-based Ieuan Jolly and Jessica Lee as well as Chicago’s Robert Newman, who joined the team with Monique Bhargava from Winston & Strawn LLP in May 2018. Jolly and Lee have been advising advertising and public relations companies as well as Regeneron Pharmaceuticals on their respective GDPR compliance projects, while Newman has been assisting clients with consumer data collection use and technological innovations. The chair of the New York-based advanced media and technology practice James Taylor is also well versed in data privacy and data protection work.

Manatt, Phelps & Phillips, LLP assists clients with litigation and enforcement, data breach response and preparedness, and privacy and data security counseling, with a specific focus on the healthcare industry. The practice, headed by Los Angeles-based litigator Donna Wilson, has been advising the California Health Care Foundation (CHCF) on compliance programs with various regulatory contexts, including HIPAA and TCPA, as well as on the production of a white paper discussing the challenges of data sharing in the fight against the opioid epidemic. New York eHealth Collaborative, Kia Motors and fashion retailer New York & Company are other key clients. Healthcare specialist Robert Belfort from the New York office and Orange County-based associate Brandon Reilly are also recommended.

Mayer Brown¬†handles work in incident preparation and breach response, litigation and government investigations, strategic counseling and corporate governance, vendor and supply-chain management, contracting and data transfers, regulatory and compliance, as well as policy and advocacy. Practice head Rajesh De¬†is based in Washington DC and specializes in legal and policy issues related to technology, national security, law enforcement and privacy. New York‚Äôs Lauren Goldman, who works in a ‚Äėwell-reasoned, concise, well-organized, and business-focused‚Äô way, acted successfully for Facebook in the purported Smith v Facebook class action, defending the client from the allegation of having used cookies to communicate with various healthcare websites and then used that information for marketing purposes. Shutterfly and Twitter are other notable clients. Washington DC‚Äôs Marcus Christian¬†and Los-Angeles-based litigator John Nadolenco¬†are also recommended.

The McGuireWoods LLP¬†team¬†has ‚Äėcritical legal and technical expertise‚Äô. Tysons-based practice head¬†Andrew Konia¬†‚Äėprovides excellent customer service and attention to detail‚Äô, advising clients on information governance, data protection programs and data breach response, as well as on privacy and security issues in vendor contracts and M&A and private equity transactions. Senior counsel Nathan Kottkamp, who is based in Richmond, has been assisting KPMG with its HIPAA work. Other key clients come from the telecoms, healthcare and transportation sectors. Charlottesville-based associate Ashley Matthews ¬†is ‚Äėa terrific lawyer‚Äô. In October 2018, Michael Adams left the practice and joined Palantir Technologies as senior executive in a non-legal position.

Ropes & Gray LLP’s areas of strength include privacy and security compliance, data breaches and intrusions, investigation defense and settlement negotiations as well as the development and implementation of corrective action plans. The practice is headed by Boston’s Marc Szpak, whose team has been assisting fast-food restaurant chain Arby’s against all third-party claims arising from a security breach which targeted customers’ payment card data. Other highlights included advising Nationwide Mutual Insurance Group on a 2012 cyber attack which has generated a number of class actions against the client. Marc Barnes and Deborah Gersh (from Boston and Chicago respectively) are recommended for healthcare work, while Boston’s Richard Batchelder is the name to note for litigation. In January 2019, Heather Sussman, Douglas Meal, Michelle Visser and Seth Harrington joined Orrick, Herrington & Sutcliffe LLP.

Along with compliance work, breach management and litigation, the ‚Äėincredibly client-focused‚Äô Seyfarth Shaw LLP¬†specializes in automotive telematics, blockchain, IoT, big data and usage-based insurance. The practice is jointly headed by Houston‚Äôs ‚Äėtrue expert‚Äô John Tomaszewski ¬†and security expert Scott Carlson¬†from the Chicago office. Tomaszewski and San Francisco‚Äôs Richard Lutkus, who is well versed in data security and encryption, assisted human resources services and technology company Morneau Shepell with due diligence for its acquisition of LifeWorks. Chicago-based Bart Lazar¬†has been advising a leading strategic communication firm and a well-known apparel manufacturer on GDPR compliance.

Sheppard, Mullin, Richter & Hampton LLP¬†is ‚Äėvery knowledgeable‚Äô in data breach, class action and litigation, technology transactions and privacy counseling as well as cybersecurity matters. The practice is headed by ‚Äėstandout‚Äô Liisa Thomas¬†and Craig Cardon, who are based in Chicago and Century City respectively. Thomas, Cardon and New York‚Äôs Kari Rollins¬†acted for fast-food brand Sonic as breach response and litigation counsel in connection with a data breach suffered by the client‚Äôs drive-in restaurants in 2017 and following class actions. San Diego‚Äôs Dr Shannon Petersen¬†assisted weight loss company Jenny Craig with a putative class action alleging the client‚Äôs violation of TCPA. Christine Clements, who specializes in HIPAA, joined the Washington DC office from¬†Crowell & Moring LLP¬†in April 2018.

Washington DC-based Buckley LLP has longstanding experience in advising financial services companies on cybersecurity and privacy-related matters. Key practitioners are Elizabeth McGinn, who specializes in risk evaluation and management as well as information security practices, litigator Antonio Reynolds, and regulatory expert Jeffrey Naimon. In 2018, former practice head Margo Tank joined DLA Piper LLP (US) and James Shreve left to Thompson Coburn LLP, while white-collar crime litigator Henry Asbill joined from Jones Day.

Cleary Gottlieb Steen & Hamilton assists clients with data protection regulation compliance in multiple jurisdictions, incident notification and response, privacy and cybersecurity provisions in vendor contracts, data usage and litigation. Litigator Jonathan Kolodner and IP transaction expert Daniel Ilan jointly head the practice. Highlights included advising Canada-based software company OpenText on data breaches, cybersecurity and privacy related to M&A and SEC disclosures, and assisting multinational conglomerate Honeywell with data transfer issues and global compliance with privacy and data protection laws. Washington DC-based Katherine Mooney Carroll  specializes in advice to financial institutions. Rahul Mukhi and Washington DC’s Alexis Collins were made partners in January 2019. Named individuals are based in New York unless otherwise specified.

Clifford Chance¬†has a cross-disciplinary practice which handles privacy and cybersecurity matters in relation to IP, antitrust, corporate transactions and litigation. The practice is headed by Megan Gordon, who is based in Washington DC and specializes in risk management, transactional due diligence, compliance and internal investigations, and the ‚Äėwonderful‚Äô Daniel Silver¬†from the New York office, whose expertise as a litigator includes regulatory enforcement and white-collar criminal defense. Key clients are from the financial, technology, media and telecoms, consumer goods and retail and automotive sectors. Washington DC‚Äôs Steven Gatti, who is well versed in regulatory matters across the financial services sector, is another name to note.

The ‚Äėsuper pragmatic‚Äô team at Fenwick & West LLP¬†has strong expertise in technology, focusing on matters related to digital health, biotech and life sciences, financial services and fintech, cryptocurrency and blockchain, gaming, consumer products as well as regulatory investigation, enforcement and class action litigation. The ‚Äėexcellent‚Äô Jim Koenig¬†and Tyler Newby¬†lead the practice from New York and San Francisco respectively. Highlights included assisting Uber with an FTC case in which the client has agreed to comply with an FTC consent decree concerning the creation of a system which allows Uber‚Äôs CEO and employees to access riders' and drivers‚Äô location and personal information; the decree was revised after it was revealed that the client had failed to disclose information on security incidents in 2014 and 2016, in which millions of Uber riders' and drivers' data was accessed. Facebook, Vizio and Otsuka Pharmaceutical are other notable clients. San Francisco‚Äôs Barbara Sondag¬†and Mountain View‚Äôs James Gregoire¬†are also recommended.

The ‚Äėamazing‚Äô Frankfurt Kurnit Klein & Selz PC¬†is well known for its expertise in cybersecurity and privacy matters in the field of digital advertising and publishing. The ‚Äėincredibly responsive‚Äô practice head Tanya Forsheit¬†is ‚Äėeverything you could ask for in an outside counsel‚Äô. She and counsel Daniel Goldberg, who is also recommended, have been advising media conglomerate Meredith Corporation on compliance with GDPR. The client base also includes Dunkin‚Äô and TaskRabbit. The ‚Äėoutstanding‚Äô Gregory Boyd¬†and Sean Kane¬†from the New York office are other names to note. Named individuals are based in Los Angeles unless otherwise indicated.

Jenner & Block LLP’s areas of strength include privacy and data security issues, policy audits related to relevant legislation, customized compliance programs as well as investigations, enforcement and litigation. Key clients are companies from the media and entertainment, advertising, gaming and financial sectors. The names to note are Washington DC’s David Bitkower, who specializes in investigations, compliance and defense; litigators David Saunders and David Layden, who are based in Chicago; and Washington DC’s Keisha Stanford, who assists clients with compliance, white-collar criminal defense, government enforcement and internal investigations. Former practice head Nancy Libin moved to Davis Wright Tremaine LLP in September 2018.

The ‚Äėtop-notch‚Äô Jones Day¬†team is headed by Los Angeles‚Äô Daniel McLoon. He and litigators John Vogt¬†and Adam Wiers¬†(based in Irvine and Chicago respectively) have acted for Experian in class actions related to the client‚Äôs alleged violation of the Fair Credit Reporting Act (FCRA) and to an identity thief accessing consumer records from databases allegedly owned by the client and two other companies. New York‚Äôs Mauricio Paez¬†has been advising Cardinal Health on data protection matters concerning the acquisition of new businesses and the implementation of a local data protection compliance program in various countries. Boston-based Lisa Ropple, who specializes in breach investigation and response, is ‚Äėa joy to work with‚Äô.

Headed by Ted Augustinos¬†in Hartford and Molly McGinnis Stine¬†in Chicago,¬†Locke Lord LLP¬†has ‚Äėgreat depth of experience and knowledge‚Äô. Augustinos has been assisting financial services holding company Torchmark with the design and delivery of education programs for producers focusing on compliance with the New York Department of Financial Services Cybersecurity Regulation. Houston‚Äôs Laura Ferguson, who specializes in employee benefits and privacy matters, is ‚Äėa valuable and very responsive‚Äô professional. Of counsel Tom Smedinghoff, from the Chicago office, is ‚Äėa top global expert in the field of e-commerce law‚Äô. He‚Äôs been advising Open Identity Exchange (OIX) and OpenID Foundation (OIDF) on the implementation of cross-border online identity management and authentication systems and standards.

The ‚Äėexcellent, practical and efficient‚Äô McDermott Will & Emery LLP‚Äôs practice is jointly headed from Boston, Los Angeles and Chicago by the ‚Äėextremely well-versed‚Äô Mark Schreiber, Michael Morgan, who ‚Äėhas a phenomenal understanding of his clients‚Äô business needs‚Äô, and Daniel Gottlieb, who ‚Äėis not only creative and smart, but also incredibly pleasant‚Äô. Highlights included assisting software publisher with data protection compliance matters related to the development of a mobile application designed to connect users to decentralized mobile applications that run on blockchain; and advising global provider of equipment and services for electric power systems S&C Electric on its obligations under GDPR.

At Morgan, Lewis & Bockius LLP, practice leaders Gregory Parks, W. Reece Hirsch  and Mark Krotoski (based in Philadelphia, San Francisco and between Silicon Valley and Washington DC respectively) have been advising a number of companies from the energy, financial, health, hospitality and retail sectors on compliance with CCPA. Parks and Philadelphia’s Ezra Church have been acting for department stores chain Hudson’s Bay in all class actions following a payment cards data incident involving client-owned brand banners Saks Fifth Avenue and Lord & Taylor. Start-up Blink Health, which offers a mobile app for consumers to access discounted medications outside of their health insurance plans, is a key client.

The ‚Äėvery responsive and practical‚Äô team at¬†Paul Hastings LLP¬†is headed by Behnam Dayanim, who specializes in cybersecurity and privacy, fintech and payments as well as advertising and gaming. Dayanim and¬†Robert Silvers¬†acted for international money remittance company MoneyGram before the Committee on Foreign Investment in the United States (CFIUS) in relation to national security concerns linked to the bid by Ant Financial, a $150bn fintech company backed by Alibaba, to acquire the client. The practice has also been advising Barclays on a number of data security matters. Sherrese Smith, who has in-depth expertise on GDPR legislation, is a ‚Äėgreat leader‚Äô. Named individuals are based in Washington DC.

Shook, Hardy & Bacon LLP’s areas of strength include biometric privacy, incident preparation and response, GDPR compliance, vendor management, international data transfer as well as litigation and dispute resolution. Practice head Al Saikali , from the Miami office, has been acting for a number of companies in several class action lawsuits based on alleged violations of the Illinois Biometric Information Privacy Act (BIPA). The practice also assisted the village of Wellington in Florida with its response to a 2018 data breach that affected residents who used the Click2Gov application to make payments, such as utility bill, parking ticket and license fee payments. Automotive company JM and Apollo Bank are also clients. Of counsel Camila Tobón, based in Denver, in-depth knowledge of data protection regulations worldwide.

Winston & Strawn LLP is jointly headed by Sheryl Falk in Houston and Steven Grimes, who splits between Chicago and Hong Kong. The practice specializes in privacy assessment, audits and compliance programs, IoT, cloud computing and outsourced technologies, internal forensic investigations, incident response and breach notification, theft of confidential information and trade secrets, data security class action litigation, cross-border data protection and transfer and GDPR compliance. The client portfolio includes companies from healthcare, financial services and telecoms. Robert Newman and Monique Bhargava moved to Loeb & Loeb LLP in May 2018.

Interview with...

Law firm partners and practice heads explain how their firms are adapting to clients' changing needs

International comparative guides

Giving the in-house community greater insight to the law and regulations in different jurisdictions.

Select Practice Area

The Legal 500 United States - Events

GC Powerlist -
United States

Press releases

The latest news direct from law firms. If you would like to submit press releases for your firm, send an email request to

Legal Developments worldwide

Legal Developments and updates from the leading lawyers in each jurisdiction. To contribute, send an email request to
  • B√§r & Karrer Advises Acushnet on the Acquisition of KJUS

    Acushnet Holdings Corp., the worldwide leader in the design, development, manufacture and distribution of golf equipment and wear, has announced the acquisition of KJUS, a Swiss-based ski and golf sportswear company.
  • AVELLUM advises on Ukraine`s first in over a decade Euro-denominated notes issue

    AVELLUM acted as the Ukrainian legal counsel to the Ministry of Finance of Ukraine on another milestone Eurobond deal. The issue by Ukraine of EUR1 billion notes with a 7-year tenor marks the first euro-denominated offering Ukraine has made in almost 15 years.
  • AVELLUM advises solar power plant developer on sale of solar project

    AVELLUM acted as the legal counsel to SM Invest Construction B.V., a solar PV plants developer, on the sale of shares in the holding company, which owns the underlying assets to develop a 148MW solar power plant in Mykolaiv region. Scatec Solar, a leading and globally acting solar energy producer, acted as the purchaser.
  • B√§r & Karrer Advised Cembra Money Bank on the Financing of the Acquisition of cashgate

    Cembra Money Bank has agreed to acquire cashgate. The purchase price for the acquisition of cashgate and the refinancing of cashgate's loan portfolio is partly backed by a bridge facility and is financed and refinanced by the sale of treasury shares (gross proceeds of CHF 112.8 million) in an accelerated bookbuilding, the placement of CHF 150 million perpetual additional Tier 1 bonds and CHF 250 million net share settled convertible bonds.
  • B√§r & Karrer Successfully Represents PNK Group Company in SCAI-Arbitration

    Bär & Karrer successfully represented a company acting under the trademark of PNK Group, a major developer of industrial facilities in Russia, against a Western European concrete plant engineering and manufacturing company in a SCAI-arbitration concerning the delivery of (defective) equipment. After full-fledged proceedings including a hearing with several technical experts, the client was awarded partial rescission of the contract (as requested) with returning of certain defective equipment against refund of its cost, a substantial price reduction with regard to the rest of the equipment, as well as a contractual penalty payment and reimbursement for 75% of all legal costs. Team members were Matthew Reiter and Désirée Schreyer (both arbitration).
  • What extra powers does a criminal prosecution provide in your area?

    The following article discusses session three in the IR Global Virtual Series on 'Freezing Assets - The mechanics behind cross-border injunctions'
  • If you are a UK business can you hire a student who has Tier 4 study Visa?

    Gulbenkian Andonian employs some of the top immigration lawyers in London and can be of valuable assistance if you are a company wanting to explore your options in hiring Tier 4 student visa holders.
  • Paper Applications for the EU Settlement Scheme

    The UK will leave the EU later this year at the end of October and preparations have started to take place on behalf of EU and EEA citizens to secure their immigration status in the UK before this happens.
  • Double Tax Treaty between Cyprus and Kazakhstan

    A DTT between Cyprus and Kazakhstan has been signed and ratified by Cyprus on the 15th of May 2019. The DTT is expected to “enter into force’ as from the 1st of January 2020, provided that the various legal procedures involved are finalized. Kazakhstan currently has the largest and strongest performing economy in Central Asia.
  • General requirements to advertising in Ukraine

    The main legal act regulating legal relations in the field of advertising is the Law of Ukraine  On Advertising . The implementation of the Law in practice requires a detailed analysis and practical experience. The fulfillment of the requirements of the Law and other regulatory legal acts regulating advertising relations in Ukraine is a guarantee that government agencies in Ukraine, such as the Antimonopoly Committee of Ukraine, the State Inspection of Consumer Protection of Ukraine will not be able to start an advertiser's check.

Press Releases worldwide

The latest news direct from law firms. If you would like to submit press releases for your firm, send an email request to