Our Practices
Data, Privacy & Cybersecurity
Cyber Investigations
Our goal in every investigation is to determine the applicable facts quickly and accurately and then develop an appropriate mitigation strategy that addresses the legal, business and public relations issues.
A company victimized by a data breach can quickly become the target of a state or federal investigation. Cyber incidents often trigger SEC disclosure requirements that necessitate a thorough factual investigation.
A data breach can quickly prompt an investigation
We work with our clients to avoid or limit exposure before federal and state government agencies and conduct independent and internal investigations for boards of directors, trustees and board committees of both public and privately held companies. We also represent public and private companies in proceedings before the DOJ, the SEC, state government entities, and other regulators.
A reputation rooted in discretion and sensibility
We have quietly earned a reputation as a practical go-to firm for boards, audit committees, special committees, companies, and other institutions in need of outside counsel to handle government investigations, sensitive internal investigations, and compliance reviews related to cyber events or incidents.
Companies must ensure they are prepared for such investigations and understand the benefits and risks of engaging with various government and self-regulatory entities.
We help clients navigate investigations with:
- Federal Trade Commission (FTC)
- State attorneys general
- Congressional committees
- FBI
- U.S. Secret Service
Representative Matters
Representative experience includes the following:
- Representing a large supermarket chain in an ongoing non-public investigation into data security practices related to networked devices and theft of customer credit cards at store terminals.
- Representing a telecommunications company in response to the New York Attorney General’s investigation into allegedly misleading advertising and marketing, which required extensive review of client software, algorithms, and computer protocols– all while protecting the IP of the company.
- Advising a large global Real Estate holding company on its response to an extensive FTC inquiry regarding the company’s website and marketing.
- Assisting a major retailer in managing its investigation of and response to a cybersecurity incident that occurred in the wake of major breaches in the industry. We oversaw an extensive forensic investigation with external consultants, coordinated with law enforcement, assisted with state attorney general investigations, and advised on significant insurance related disputes.
- Representing an international public media company concerning internal abuses of its secure computer systems and illegal sale of its IP to third parties.
- Assisting a large International clothing retailer with a data security incident involving theft by a high ranking executive of company assets and misappropriation of company funds. We uncovered manipulated and falsified computer system data during the course of the internal investigation.
- Defending a retail merchant client in all aspects of a significant point-of-sale system data breach, including notification to affected individuals, media outlets and state agencies, as well as an FTC investigation and interactions with law enforcement authorities and class action litigation.
- We have also counseled multiple clients in cyber-extortion matters and other incidents where our clients have been criminally victimized, and we have coordinated with law enforcement on behalf of our clients in such matters.