Antony (Tony) Kim is Global Co-chair of Orrick's internationally recognized Cyber,
Privacy & Data Innovation practice, which pursues "an aggressive yet practical approach" to data protection and innovation that "meets the needs of both in-house counsel and tech-savvy business clients."
When faced with a cybersecurity crisis, companies call on Tony to help navigate critical legal, risk and reputational landmines. Tony has helped clients respond to hundreds of cyberattacks and data breaches. He has directed forensic investigations, cross-border notifications, and defended enforcement actions and civil litigation, in connection with incidents involving the personal information of employees and customers, including PCI/payment card data, as well as proprietary data and corporate trade secrets, and on behalf of private and public companies as well as governmental entities. Tony has also defended over fifty clients in regulatory investigations conducted by the Federal Trade Commission and State Attorneys General into cybersecurity, data privacy, and consumer issues around e-commerce and innovative data use-cases. In his counseling capacity, Tony works on proactive cyber resiliency, board governance, and regulatory compliance programs across a host of security, privacy, and data "life cycle" issues.
For his work on behalf of clients, the National Law Journal named Tony to its 2014 list of D.C. Rising Stars, a 40-under-40 group of "game changing" private, government and public interest attorneys. Based on surveys of general counsel and senior in-house lawyers, Tony was awarded the Client Choice Award by the International Law Office (ILO)/Lexology in 2015, and was named an Acritas Star Lawyer in 2016. He is recognized by The Legal 500, Benchmark Litigation, Super Lawyers D.C. Rising Stars, and The Cybersecurity Docket, who named Tony to its inaugural "Incident Response 30" list of the top professionals to call when facing a major cyberattack. In 2016, Law360 named Orrick's Cyber,
Privacy & Data Innovation practice "Practice Group of the Year" in the data protection category.