Antony (Tony) Kim is Global Co-chair of Orrick's internationally recognized Cyber, Privacy & Data Innovation practice, which pursues "an aggressive yet practical approach" to data protection and innovation that "meets the needs of both in-house counsel and tech-savvy business clients."

When faced with a cybersecurity crisis, companies call on Tony to help navigate critical legal, risk and reputational landmines. Tony has helped clients respond to hundreds of cyberattacks and data breaches. He has directed forensic investigations, cross-border notifications, and defended enforcement actions and civil litigation, in connection with incidents involving the personal information of employees and customers, including PCI/payment card data, as well as proprietary data and corporate trade secrets, and on behalf of private and public companies as well as governmental entities.  Tony has also defended over fifty clients in regulatory investigations conducted by the Federal Trade Commission and State Attorneys General into cybersecurity, data privacy, and consumer issues around e-commerce and innovative data use-cases.  In his counseling capacity, Tony works on proactive cyber resiliency, board governance, and regulatory compliance programs across a host of security, privacy, and data "life cycle" issues.

For his work on behalf of clients, the National Law Journal named Tony to its 2014 list of D.C. Rising Stars, a 40-under-40 group of "game changing" private, government and public interest attorneys. Based on surveys of general counsel and senior in-house lawyers, Tony was awarded the Client Choice Award by the International Law Office (ILO)/Lexology in 2015, and was named an Acritas Star Lawyer in 2016 and 2017.  He is recognized in multiple legal guides and directories, including Chambers-U.S.A., The Legal 500, Benchmark Litigation, Super Lawyers D.C. Rising Stars, and The Cybersecurity Docket, which twice named Tony to its "Incident Response 30" list of the top professionals to call when facing a major cyberattack.  In 2016, Law360 named Orrick's Cyber, Privacy & Data Innovation practice "Practice Group of the Year" in the data protection category.

  • In addition to leading the Cyber, Privacy & Data Innovation practice, Tony has extensive experience in the full gamut of antitrust and competition matters, including the defense of mergers and acquisitions before the federal antitrust agencies, defense of criminal cartel proceedings, and civil litigation. 

    Before joining Orrick, Tony was a member of the antitrust litigation practice group at White & Case LLP in Washington D.C.  Prior to law school, he worked in Philadelphia as an investment consultant for corporate defined benefit and defined contribution plans. 

  • A representative selection of Tony's Cybersecurity & Data Privacy experience, includes the following:

    • Cybersecurity/Incident Response. Tony works with in-house legal departments, C-Suites, Boards of Directors and IT teams on proactive corporate cybersecurity preparedness programs and risk mitigation strategies. He is regularly before Boards of Directors on critical cybersecurity training and compliance matters. He has also directed forensic investigations, cross-border notifications, responses to regulatory enforcement actions, and civil defense strategies, and in total, has helped companies response to hundreds of cyberattacks and data breaches involving personal information of employees and customers, such as payment card data, as well as proprietary data and trade secrets, and on behalf of private and public companies as well as governmental entities.
    • Data Privacy/Sales & Marketing. Tony has worked with brick-and-mortar and online companies across industries to design and develop effective privacy disclosures, privacy-by-design processes, enterprise-wide privacy and data security programs, online and offline marketing strategies, and a host of other data-handling compliance mechanisms and policies.
    • Regulatory Investigations. Tony has defended clients in federal and state regulatory investigations across the country across diverse security, privacy and consumer issues.  His work has included representations on behalf of:  a national ticketing and events company in an FTC and investigation by 25 States; a consumer marketing company in an FTC investigation following a consent decree requiring privacy disclosures and security assessments; an online marketplace lender in an FTC investigation involving advertising practices and claims substantiation issues in the fintech marketplace; an online retailer in an FTC investigation involving "negative option" marketing programs; ; a national mobility device maker in investigations by the FTC, New York, New Jersey, Ohio, Pennsylvania and Washington attorneys general involving the Telemarketing Sales Rules (TSR), the Do-Not-Call Rules (DNC), and state analogs; a social gaming network in an investigation by the FTC involving the Children’s Online Privacy Protection Act (COPPA); and a national mortgage company in an FTC investigation involving the Gramm Leach Bliley Act (GLBA) and Fair Credit Reporting Act (FCRA).
    • Civil Litigation. Tony has led or co-led the defense in numerous consumer class actions, including in the Northern District of Illinois and Southern District of Florida on behalf of several companies against claims under the Telephone Consumer Protection Act (TCPA) for SMS-text message marketing; in the Southern District of Florida on behalf of a high fashion boutique against claims under the Fair and Accurate Credit Transactions Act (FACTA) for allegedly non-compliant, point-of-sale receipts; in four federal and three state class actions on behalf of a national merchant credit card provider against alleged violations of the Credit Repair Organizations Act (CROA) and the Fair Credit Reporting Act (FCRA) provisions on “firm offers” of credit. 

    Tony also has extensive experience in all facets of the Antitrust and Competition area, including: 

    • Mergers & Acquisitions, where Tony has led or co-led the defense in merger investigations before the U.S. Department of Justice’s Antitrust Division and U.S. Federal Trade Commission, on behalf of clients such as IronPlanet (online auctions and related disposition formats), Blackfriars (polymer products distribution), Elance (online freelancer platforms), Crane Co. (unattended payment systems), Instagram (mobile photo-sharing app), BASF (specialty chemicals), INEOS Group (styrenics plastics), NOVA Chemicals (styrenics plastics), Exxaro Resources (mineral sands), CoorsTek (alumina wear tiles) and New Times Media (alternative newsweeklies);
    • Cartel Investigations, where Tony has experience conducting internal investigations and defending companies in criminal proceedings before the U.S. Department of Justice’s Antitrust Division, including investigations involving Parcel Tankers, DRAM/SRAM, and a variety of Auto Parts; and
    • Civil Litigation, where Tony served on litigation/trial teams on behalf of plaintiffs and defendants in state, federal and arbitration proceedings, such as DHL (as “opt-out” plaintiff in relation to the Air Cargo price-fixing class actions), Microsoft (as defendant in an ITC proceeding involving the “patent misuse” defense), Whole Foods Market (as plaintiff in a multi-prong strategy in response to the FTC’s post-consummation challenge to the Wild Oats acquisition), Halcor S.A. (as defendant in a federal price-fixing class action), SF Weekly (as defendant in a California state predatory-pricing action) and Foundry Networks (as antitrust counter-claimant in a case involving alleged abuses in the standard-setting context).