Nicholas Farnsworth

Managing Associate


Nick Farnsworth advises clients on U.S. and international privacy, security and data enablement requirements and strategies. Nick develops comprehensive data protection programs and risk management solutions for the development, use and acquisition of advanced technologies, including ad tech, automated and connected vehicles, biometric tools, machine learning and artificial intelligence. He also advises on security incidents and breach notification requirements and prepares clients for regulatory inquiry and government investigation.

Nick provides guidance on both proposed and effective laws, including the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), the Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM), the Children’s Online Privacy Protection Act (COPPA), the Illinois Biometric Information Privacy Act (BIPA) and other biometric privacy laws, the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), Section 5 of the Federal Trade Commission Act (FTC) Act, the Telephone Consumer Protection Act (TCPA) the Virginia Consumer Data Protection Act (VCDPA) and state breach notification laws. Nick also advises clients on the impact of international laws from a United States perspective, including the General Data Protection Regulation (GDPR) and the ePrivacy Directive.

In addition, Nick devotes a portion of his practice to innovative client solutions and community engagement. His pro bono practice has included representing clients in immigration and innocence matters and assisting small businesses with their legal needs. To make the CCPA more accessible, Nick was a member of the team that developed Orrick’s CCPA Readiness Assessment Tool, which provides companies an opportunity to test their preparedness for compliance with the CCPA as a first step to constructing their strategic compliance roadmap.

Nick has obtained the Certified Information Privacy Professional - United States (CIPP/US), Certified Information Privacy Technologist (CIPT) and Privacy Law Specialist (PLS) designations from the International Association of Privacy Professionals.