Back to rankings
Pillsbury Winthrop Shaw Pittman LLP

Pillsbury Winthrop Shaw Pittman LLP

More information

United States • Media, technology and telecoms

4

Cyber law (including data privacy and data protection)

Pillsbury Winthrop Shaw Pittman LLP is equipped to handle the full spectrum of contentious privacy and cybersecurity matters, including FTC, SEC, and DOJ investigations and enforcement actions, data breach class actions, and civil actions under the Computer Fraud and Abuse Act. The firm is well-versed in data governance frameworks and compliance, including CCOA, CPRA, and COPPA. Los Angeles-based Deborah Thoren-Peden, Washington DC-based Brian Finch, and Mark Krotoski in San Francisco and Washington DC jointly lead the practice. Peden advises fintech companies, retailers, and automotive companies on electronic commerce and privacy issues. Finch covers a range of cyberattacks, national defense, and intelligence policy matters, while Krotoski is a seasoned litigator, noted for cybersecurity, trade secrets, and white collar cases.
Legal 500 Editorial commentary

Accolades

Client satisfaction: Lawyer & team quality
Client satisfaction: Billing & efficiency

Testimonials

Collated independently by Legal 500 research team.

  • Brian Finch is incredibly responsive and thoughtful, and has been instrumental in helping us navigate complex issues around the CFAA and our expanding presence in the federal space. He has a strong ability to distill nuanced legal risk into clear, actionable guidance. His advice has been critical not only in grounding our data collection activities in a defensible legal framework, but also in giving us the confidence to communicate those positions to customers and stakeholders. He understands both the legal landscape and the business context, which makes his guidance especially effective.
  • For a company that operates at the intersection of national security and data privacy, Pillsbury's deep knowledge of both the cyber threat intelligence space and global data privacy frameworks has been particularly valuable. The team demonstrates a strong ability to translate evolving and often ambiguous regulatory requirements into practical, business-oriented guidance that accounts for how our products actually function in the real world. What stands out is their fluency across multiple domains - not just privacy law in isolation, but also national security considerations, government contracting sensitivities, and the technical realities of data collection and threat intelligence. That combination is relatively rare and makes them especially effective compared to firms that approach these issues more narrowly. They are also highly collaborative and responsive. Their guidance is not overly academic - it is pragmatic, risk-calibrated, and aligned with commercial objectives, which is critical for a fast-moving technology company.
Practice head

Deborah Thoren-Peden; Brian Finch; Mark Krotosk