We have successfully litigated both criminal and civil cases involving allegations of hacking, data brokering, dark net activity, identity theft, cyber extortion, online predation, invasions of privacy, fraud and online defamation. We also regularly advance our clients’ constitutional right to privacy and to be free from unreasonable searches and seizures by the government through our precedent-setting constitutional litigation practice.

There is now an increasingly complex mosaic of laws and professional obligations relating to data protection and privacy that, if violated, lead to severe and irreparable criminal and civil consequences. We provide a full suite of crisis response and litigation services to business organizations to navigate through this complex labyrinth of statutes and common law duties relating to data protection when cyber-security breaches occur. With our credentials, notable experience and skill at handling complex, sophisticated and high-profile criminal and regulatory matters, we are equally comfortable providing preventative advice as we are in providing forceful and effective representation in litigation relating to cyber security and privacy matters. We are available around the clock for crisis management, incident response and strategic advice in relation to the following:

Privacy Breach Obligations, Reporting and Notification

We advise on statutory obligations to record and report privacy breaches to relevant privacy commissioners, whether direct or indirect notification to affected parties is required, and whether to inform other governmental agencies and institutions in order to mitigate the risk of harm to affected individuals. Where there is no statutory obligation to report the breach, we advise on whether voluntary reporting and notification would nevertheless be appropriate as part of an overall crisis response and risk mitigation strategy. We also provide advice in relation to press releases, other forms of public statements and reputational rehabilitation.

Cyber Resilience and Risk Management

There is no one-size-fits-all approach to cyber security. We offer custom-made services to entities who wish to develop cyber resilience protocols to address their unique internal/external vulnerabilities, exposure and risk tolerances and appetite. We advise on the development and maintenance of policies and procedures to safeguard the integrity of private and confidential information and implement effective incident response protocols to eliminate and mitigate a threat, preserve and recover data, investigate the incident and comply with reporting and notification obligations, all of which are designed to mitigate litigation risks and minimize reputational damage.

Professional Responsibility

For legal, financial and health professionals, we advise on reporting and notification obligations under the relevant self-regulatory regimes and act as counsel for professionals in the context of investigations involving allegations of breaches of privacy and confidentiality obligations.

Privacy Commissioner Investigations, Enforcement and Access Requests

We act as counsel to individuals and entities in the context of investigations by privacy authorities and provide advice and representation in relation to freedom of information and access requests with respect to both resisting disclosure of information as well as obtaining information through freedom of information processes.

Insurance Coverage Disputes and Civil Litigation

We prosecute and defend claims made by affected parties and provide representation in respect of coverage disputes over cyber security insurance policies.

We bring the same around-the-clock responsiveness, accessibility, commitment and intensity to our Privacy and Cyber Security practice as we do to our other practice areas.