Background - Practices (Details)
Privacy & Cybersecurity
CONTACTS +

Crowell & Moring's Privacy & Cybersecurity Group guides clients through the myriad federal, state, and international laws governing the collection, use, transfer, and protection of data. We provide practical advice that permits our clients to address privacy and cybersecurity issues in a manner appropriate to their business needs and to the risks that they face.

We use an enterprise-wide approach to counsel our clients. Our experience cuts across multiple industries and involves nearly every practice group in the firm. We integrate Crowell & Moring's intellectual property, corporate, insurance, white collar, trade secrets, health care, energy, transportation, and government contracts capabilities to address the privacy, cybersecurity, and other risks faced by our clients. We use our deep knowledge of our clients' business needs and the industries in which they operate to help them develop effective and practical privacy and cybersecurity policies, procedures, and strategies.

All businesses are susceptible to cyberattacks and to other internal and external threats to their data and systems. Retailers, government contractors, critical infrastructure companies, manufacturers, financial services companies, and educational institutions are increasingly being targeted because of the business, financial, and personal data that they possess and because of the significant public impact of disrupting their business operations. On the front end of our integrated approach to risk mitigation, we counsel and train companies on strengthening their cyber defenses, developing and implementing global privacy and data protection programs, complying with applicable laws, and incorporating government standards and industry best practices into their risk management program. On the back end, we have extensive experience in responding to and managing the crises that can arise when a privacy or data security incident occurs or when a privacy or security vulnerability is made public. We routinely deal with federal and state enforcement agencies and defend clients against class actions arising from incidents involving personal information. We also have extensive experience addressing global privacy issues.