Practices |

Privacy & Data Security

Protect Data, Limit Risk,
Build Trust

Understanding the rapidly changing landscape of privacy and data security laws is critical for every business. We handle legal issues related to data privacy, security, and integrity for clients in a wide range of industries and technology verticals, including software, e-commerce, education, telecommunications, publishing, new media, and interactive gaming.

Did You Know?
29

MBBP's affiliation with LawExchange International provides our clients with access to local counsel in 29 countries around the world.

Our experience includes:

  • Advising clients as to privacy and data security issues in the United States and abroad, including issues involving the General Data Protection Regulation (GDPR) and EU-U.S. data transfer mechanisms (including the "standard contractual clauses" issued by the European Commission and the EU-U.S. Privacy Shield Framework).
  • Developing for our clients privacy policies and information management best practices.
  • Counseling clients with respect to state data security and breach and disclosure laws, including the Massachusetts data security regulations.
  • Representation in the context of Federal Trade Commission investigation of privacy practices and in the negotiation of FTC Consent Orders.
  • Providing guidance as to compliance with the Children’s Online Privacy Protection Act (COPPA), the Family Educational Rights and Privacy Act (FERPA), as well as to state privacy and data security laws relating to minors and the use of K-12 student data (particularly for clients in the digital games, mobile applications, and online education areas).
  • Advising clients on privacy and data security issues in the context of licensing transactions, including negotiation of strategic alliances, support and maintenance, professional services, software as a service (SaaS), hosting, development, and other intercompany relationships.
  • Counseling employers on workplace privacy issues such as the monitoring of email and computer systems, employee use of electronic devices, employee drug testing, background checks, and workplace searches.