The frictionless flow of information is a defining feature of today’s information economy. The ability to transfer customer data, employee files, financial records, and other information around the globe quickly and cheaply has opened up a world of opportunity for many businesses. It also presents a new world of risks.
Managing risk and adopting sound privacy and security standards
The potential for misuse of sensitive personal information has triggered legislative and regulatory action worldwide – the risks are high. Privacy laws are continually evolving, vary by jurisdiction, are interpreted unpredictably, and are in a constant state of flux. Even the most well-meaning, conscientious company can make a false step as it captures, uses, transfers and discloses personal information. The same applies to cybersecurity, which is becoming increasingly complex. The consequences can be serious: heavy fines, injunctions, government audits, even criminal liability. Perhaps more importantly, companies that run counter to privacy and cybersecurity standards find themselves open to negative media attention and the immeasurable damage of lost consumer trust and confidence.
These risks have led a growing number of multinational companies to turn to our global data privacy and cybersecurity group for help in adopting sound privacy and security practices, ensuring regulatory and legal compliance, and protecting their competitive advantage.
Advising clients around the world in their compliance efforts
With one of the largest and most experienced data privacy and cybersecurity groups in the world, our global team is on hand to guide clients through the relevant data protection legislation in the jurisdictions in which they are active. Seamlessly working with their counterparts in other practice areas, our global team has the depth of resources to provide integrated, creative and practical advice on the privacy-related concerns faced by our clients, wherever they are located.
Our experience spans the full range of industry sectors including financial institutions and banking, biotechnology, pharmaceuticals and chemicals, construction and engineering, consumer goods and retail, automotive, hotels and leisure, IT, telecommunications, manufacturing and electronics, publishing and media.
Specific data privacy and cybersecurity services we provide for our clients include:
Global consumer goods company White & Case is providing this confidential client with advice and strategic guidance on global data protection compliance matters including, but not limited to, compliance with the forthcoming General Data Protection Regulation, the implementation of Binding Corporate Rules, support on data processing agreements and related data protection compliance initiatives. This project is global in scale, involving entities in all major markets around the world.
Privacy-related disputes for social media company in the EU Advising a leading social media company in relation to privacy-related disputes in several EU jurisdictions.
Multi-country review of in-vehicle systems for car manufacturer Assisting a leading car manufacturer with respect to the privacy and telecommunications law aspects of in-vehicle systems in 52 jurisdictions.
Multi-country review of security policies for international banking group Review of the information security policies of an international banking group under the legal and regulatory framework of various major jurisdictions.
Global data privacy compliance project for pharmaceutical manufacturer Advising an international pharmaceutical manufacturer in relation to a global data privacy compliance project with a particular focus on healthcare privacy.
Cross-border data privacy issues for manufacturer of electronic devices Advising a multinational manufacturer of electronic devices on all issues related to European, Asian, South American and Pacific human resources and client personal data, including performance of a data privacy audit, drafting of intra-group privacy policies and contracts, assisting with European works council laws, and preparation of binding corporate rules.
Intra-group transfer of personal data for energy supplier Advising an international energy supplier on the intra-group transfer of personal data (included related agreements with employee representatives).
HR management data protection issues in 30 countries Review of the proposed introduction of a group-wide HR management system by a leading manufacturer of wires and cables under the data privacy laws of more than 30 countries.
Establishment of shared services centres for international consumer goods manufacturer Advising a leading international consumer goods manufacturer on data privacy and employment law related matters in 25 countries worldwide with regard to the establishment of intra-group shared services centres for certain HR functions.
Privacy aspects of investigations and e-discovery for financial institutions Advising several leading financial institutions on data privacy issues in relation to civil, criminal and competition investigations and disputes.
Security breach and notification obligations in various industries Advising companies in various industries on their respective obligations under federal and state security breach and notification laws.