Interactive Counsel

Arent Fox's interactive media law blog - latest news and trends in advertising, data security & privacy, and IP.

Interactive Counsel

Privacy & Security

Arent Fox is on the cutting edge of cybersecurity and data protection laws and has experience assisting clients with all aspects of privacy, cybersecurity, and data protection. Our group serves clients in regulated spaces such as health care and telecommunications and sophisticated industries including retail, gaming and entertainment, and media.

Arent Fox’s interdisciplinary team of cybersecurity and data protection attorneys handle the full scope of data security and protection issues. We regularly advise clients on how to protect their data at every stage, from advice and counseling to investigations, incident planning and response, litigation, and even securing insurance policies to mitigate risks and liabilities. We work with companies to develop internal security and governance programs; advise businesses on the collection of data in retail locations as well as in online including via social media marketing and e-commerce platforms; and conduct internal investigations in response to critical data breaches. We also work with companies to implement privacy and data security protection by using IT agreements to control data access by their employees, reconfiguring data security when moving IT operations to the cloud, and protecting against cyber risks that can arise from third party IT vendors.

We routinely advise on the biggest trends in privacy and data security such as: handling ransomware incidents; cyber threat and new technology systems; NIST, ISO, PCI-DSS, and other security standards; payment security and mobile payment trends; aggregate and anonymized data collection in advertising; FTC guidance and enforcement; the Internet of Things; cross-border data transfer issues; the EU General Data Protection Regulation (GDPR); health information privacy, security, and breach notification; as well as federal- and state-level regulatory compliance.


Are You Listening? The FTC Has Been: Enforcement Policy Issued for Child Audio Recordings


SEC Enforcement Division Creates Cyber Unit to Pursue Data Security Cases

Last month, the SEC announced the creation of a new “Cyber Unit” within the Enforcement Division to target misconduct related to cybersecurity. The unit is being created in conjunction with internal SEC initiatives to strengthen cybersecurity in the wake of the agency’s infamous data breach last year.


Shutterfly Biometric Privacy Face Off Gets Go-Ahead

The latest question in privacy law is not what’s in a name (or IP address, PHI, TV viewing activity, etc.), but what’s on a face. Consumers are becoming increasingly concerned with how companies are using their biometric information such as facial, fingerprint, and iris information. In one closely watched case, photo sharing website Shutterfly faces allegations that it violated consumer privacy by collecting facial scans without consent.


FTC and 3 Companies Settle Enforcement Charges Regarding False Privacy Shield Claims

Just as the Sword in the Stone could only be used by its rightful owner, the Privacy Shield can only be claimed by the rightfully certified entities. If not, false representations may stir Federal Trade Commission action. The FTC recently announced their first enforcement actions involving the EU-US Privacy Shield framework, settling complaints with three US companies.


Read Here to Update: Privacy Policies, Connectivity, and Consent in the Age of the GDPR

Thinking about updating your privacy policy? Consider how to get consumer buy-in as part of the process. Your organization may be in the process of revamping its privacy practices, and as a result its external privacy policy, to keep up with the European General Data Protection Regulation (GDPR) and Federal Trade Commission (FTC) rules. This is good practice, but your organization should also consider how to publish the revised policies externally and internally, and whether consumer consent is appropriate.


Sarah Bruno Discusses Legal Landscape of Blockchain-Ready Industries at ILTACON 2017

Privacy, Cybersecurity & Data Protection group leader Sarah Bruno will discuss "Blockchain in Legal" with Thomson Reuters' Joseph Raczynski at the 2017 International Legal Technology Association (ILTA) Annual Educational Conference, ILTACON.


Data Divide: Japan’s Clarity and China’s Chaos in Reshaped Privacy and Security Regs


Daily Journal Names Arent Fox Partners Sarah Bruno and Jennifer Terry 'Top Women Lawyers'


This Ransomware Will Make You WannaCry


Our Allies Under Attack! Ransomware Hits the Brits and Quickly Spreading Across Globe – Batten Down the Hatches NOW


Subscribe to RSS - Privacy & Security


Add this blog to your RSS feed reader.

Arent Fox In Your Inbox
To subscribe to Arent Fox Alerts and other news, click here.


Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.