Nicholas Farnsworth

Senior Associate


Nick Farnsworth counsels clients on United States (U.S.) and international privacy, security and data enablement requirements and strategies. Nick develops comprehensive data protection programs and risk management solutions for the development, use and acquisition of advanced technologies, including advertising technology (adtech), automated and connected vehicles, biometric tools, machine learning and artificial intelligence (AI). He also advises on security incidents and breach notification requirements and prepares clients for regulatory inquiry and government investigation.

Nick provides compliance guidance on both proposed and effective laws on a federal and state level in the U.S., including:

  • Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM)
  • Children’s Online Privacy Protection Act (COPPA)
  • Illinois Biometric Information Privacy Act (BIPA) and other biometric privacy laws
  • Fair Credit Reporting Act (FCRA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Section 5 of the Federal Trade Commission Act (FTC) Act
  • Telephone Consumer Protection Act (TCPA)
  • U.S. state breach notification laws
  • U.S. state privacy laws in California, Colorado, Connecticut, Utah and Virginia (CCPA, CPRA, CPA, CTDPA, UCPA, VCDPA)

He also counsels clients on the impact of international laws from a U.S. perspective, including the General Data Protection Regulation (GDPR) and the ePrivacy Directive. In addition, Nick devotes a portion of his practice to innovative client solutions and community engagement. His pro bono practice has included representing clients in immigration and innocence matters and assisting small businesses with their legal needs. To make the CCPA more accessible, Nick was a member of the team that developed Orrick’s CCPA Readiness Assessment Tool, which provides companies an opportunity to test their preparedness for compliance with the CCPA as a first step to constructing their strategic compliance roadmap.

Nick has obtained the Certified Information Privacy Professional - United States (CIPP/US), Certified Information Privacy Technologist (CIPT) and Privacy Law Specialist (PLS) designations from the International Association of Privacy Professionals.