Our Cybersecurity & Data Privacy team develops right-sized legal solutions to help you address global data privacy compliance requirements and proactively manage cybersecurity risk to protect your brand and reputation.

Our global, interdisciplinary team comprises lawyers across the U.S., Europe and Asia. We provide clients with practical, creative and comprehensive guidance using our deep knowledge of, and experience with, cybersecurity and data privacy regimes across worldwide industries. We leverage strong relationships with domestic and international government regulators and agencies, data protection authorities, law enforcement agencies, industry experts and policy groups to bring a multi-faceted approach. Our objective is to help our clients manage risk while advancing their business priorities and growth.

Why Orrick?

  • GDPRPractical, operational advice across industries.  Our team is nationally ranked and globally recognized by publications such as The Legal 500, which highlights our “aggressive yet practical approach to solving cyber issues” that benefit both “in-house legal and tech savvy business clients.” Clients across industries have come to rely on our advice, whether it is financial services, travel and leisure, state agencies and municipalities, energy, or technology. In addition, our award-winning Trust Anchor blog provides insights into the latest cybersecurity and data privacy issues in the U.S., Europe and Asia, and has become a “go-to” resource for many clients that use it to spot important issues, train internal teams and implement practical operational takeaways.
  • Tech-savvy.  We love technology, and have deep experience with state-of-the-art tools and systems that innovators develop and use to collect, process, share and protect information across the data life cycle and that hackers use to disrupt businesses, and access and ex-filtrate personal information, trade secrets, and sensitive business information. To bridge silos and holistically manage cyber/privacy tech risks, we regularly interface with IT, InfoSec, engineering and product stakeholders, in addition to in-house legal departments, the C-suite and boards of directors.
  • Deep regulatory insight.  Our regulatory team includes a former state attorney general and former president of the National Association of Attorneys General, two former state chief deputy attorneys general, two former U.S. attorneys, a former Department of Justice CHIPs (Computer Hacking and Intellectual Property Theft Section) lawyer, as well as more than a dozen other federal prosecutors, a former advisor to a FTC commissioner, a former FTC trial lawyer, a former official of France’s data protection regulator, the CNIL, and former officials from the DOJ, FTC, SEC, DOL, and FERC, as well as the current General Counsel to the Merchant Advisory Group. We know what regulators and trade industries expect, how they investigate and enforce data protection issues, and the strategies that best position our clients to achieve positive results.
  • Litigating the edge.  In addition to having core experience with class action, securities, shareholder derivative, government enforcement, and insurance coverage litigation, our trial and appellate lawyers have been recently recognized for their work by The American Lawyer, Law360 and The National Law Journal, among others. We represented Microsoft when the Second Circuit U.S. Court of Appeals sided with our client against the U.S. government on cross-border privacy and surveillance issues relating to emails stored on Irish servers, and represented Facebook in convincing the Ninth Circuit that a social media aggregation company violated the Computer Fraud and Abuse Act by accessing Facebook users’ accounts.
  • Cyberwarfare and threat intel. We are among the only law firms that have taken the fight to the bad guys.  Partnering with a leading global technology company, industry associations and international law enforcement, for many years we have been disrupting and taking down international botnets, and the infrastructure of malware and phishing campaigns, controlled by a wide spectrum of threat actors.  We have carried out deep investigation and pursuit of hacking groups through civil litigation and law enforcement referrals in multiple jurisdictions.  In addition, we are at the forefront of cyberthreat information sharing strategies, including in national security investigations and leadership in the creation of a first-of-its-kind regional cyber threat intelligence sharing network serving seven cities and countries, six maritime ports, a hospital and two utilities.
  • Cross-border. Our team members practice across nine countries, on three continents. We help our clients grow in developed and emerging regions, while managing risk across a range of cybersecurity and privacy issues, including government surveillance, e-commerce and payments, cloud computing, big data analytics, interconnected devices, biometrics/facial recognition, international data transfers, data localization, cross-device tracking, and digital advertising.
  • On-demand support. To support our clients in a crisis, we are available 24-7 via our toll-free Cybersecurity Incident Hotline @1-800-972-9306. Clients can rest knowing that our team is on call.