Privacy Litigation & Enforcement Actions



Cybersecurity issues are complex, fast-moving, and demand immediate action. We quickly leverage our experience for your benefit.

Our Approach

Data Breach Litigation:  Our attorneys effectively represent clients in litigation arising from data breaches, including consumer class actions, and business-to-business disputes.

Consumer Privacy Litigation:  We have deep experience with many of the most significant consumer privacy statutes and regulations, including:

  • Telephone Consumer Protection Act (TCPA)
  • Biometric Information Privacy Act (BIPA)
  • Fair Credit Reporting Act (FCRA)
  • Fair and Accurate Credit Transactions Act (FACTA)
  • Fair Debt Collection Practices Act (FDCPA)
  • Video Privacy Protection Act (VPPA)
  • Driver’s Privacy Protection Act (DPPA)
  • Federal Trade Commission (FTC) and Federal Communications Commission (FCC) regulations
  • State consumer protection laws

Regulatory Defense:  Our team includes former state and federal prosecutors who guide clients through government investigations and enforcement, including those by the Department of Justice, Federal Trade Commission, state attorneys general, and the HHS Office for Civil Rights.  We have strong relationships with regulators and we know how to navigate the terrain.

Who We Work With

  • Companies at any stage of privacy complaints, data theft, or data loss, whether intentional or accidental, including victims of hacking, disgruntled or negligent employees, and natural disasters
  • Clients in technology, health care, finance, infrastructure, defense, energy, big data, social media, data storage and professional services
  • Any company facing government audit or other investigation by a federal or state regulatory authority

Recognition

  • Recognized by Chambers USA as a nationwide leader in the fields of Privacy Law and Healthcare: Regulatory & Litigation
  • Included in The BTI Litigation Outlook 2013 report Honor Roll as one of the “Most Feared Law Firms” for litigation
  • U.S. News & World Report/Best Lawyers “Best Law Firms” nationally recognized Government Investigations & White Collar Criminal Defense practice

Recent Experience Representing:

  • A leading medical device manufacturer accused of violating the TCPA by sending prerecorded calls for educational healthcare seminars by defeating class certification and obtaining summary judgment on remaining individual claims.
  • An international retailer accused of violating BIPA by collecting employee biometric data for timekeeping purposes.
  • A leading clinical laboratory network in a putative TCPA class action alleging automated phone calls to mobile phones through an aggressive litigation strategy, settling the case, pre-certification, on favorable terms to our client.
  • A national CRM and marketing provider in related putative class actions in U.S. District Court for the Southern District of California related to the TCPA.
  • Multiple large health care systems in investigations by the Office for Civil Rights and state regulatory bodies following allegations of breaches of protected health information.
  • A client in litigation involving the theft of 1.7 million patient records.
  • A client during a state attorney general investigation into unauthorized access of personal information from hacking of website.
  • A government investigation following the loss of laptops containing PHI.
  • Numerous clients in health care privacy violation investigations by the Office for Civil Rights (OCR) and state regulatory entities.
  • A client against allegations of breach of contract and negligence, following a data breach of personal health information where backup and data recovery services allegedly failed.  Case settled favorably during discovery.
  • A Maine hospital in an investigation by OCR and the Maine attorney general following a security incident.
  • A marketing company in an investigation by the Indiana Attorney General into company’s telemarketing practices.  Matter resolved by consent decree.
  • A medical device company from investigation by Washington Attorney General relating to alleged impermissible sharing of data.
  • Physician practices on data breach investigations by OCR and state governments.

Big questions for BIPA case law in 2021

Cybersecurity Law Report | February 17, 2021

In this article focusing on case law developments around Illinois’ Biometric Information Privacy Act in the year ahead, Chicago Complex Commercial Disputes partner Rich Tilghman is quoted extensively for his outlook on facial and voice recognition cases, extraterritoriality, arbitration defenses, what counts as a BIPA violation, and collected data.

The Once-and-Future Privacy Shield

Rochester Business Journal | November 06, 2020

Data Privacy & Cybersecurity deputy leader and Rochester associate Jenny Holmes contributed this article analyzing the European Court of Justice’s recent invalidation of the Privacy Shield and its impact on data flows between the US and the EU. This article was co-developed with Los Angeles partner Jason P. Gonzalez and Boston associate Troy K. Lieberman, both from the Data Privacy & Cybersecurity team.

Keep up with laws developing to protect our consumer data

Rochester Business Journal | November 15, 2019

In the latest installment of his monthly column, Rochester Corporate partner Jeremy Wolk analyzes state-level legislation aimed at enhancing consumer privacy rights and protections, similar to the European Union’s General Data Protection Regulation. Rochester Corporate associate Jenny Holmes contributed to the column.

Facebook lawsuit underscores importance of transparent collection and use of data

Rochester Business Journal | January 25, 2019

Rochester Corporate partner Jeremy Wolk wrote this contributed column analyzing a lawsuit filed against Facebook in Washington, DC, alleging violations of state-level consumer protection laws by the social media company. This article incorporates perspective from an alert written by Washington Complex Commercial Disputes associate Brian Donnelly, Rochester Corporate associate Jenny Holmes, and Los Angeles Government Investigations & White Collar Defense associate Karina Puttieva.

Problems with the California Consumer Privacy Act

Los Angeles/San Francisco Daily Journal | January 23, 2019

Los Angeles Government Investigations and White Collar Defense partner Jason Gonzalez and associate Karina Puttieva co-wrote this contributed article identifying issues with the “remarkably unclear” California Consumer Privacy Act, a measure passed last year that regulates large businesses businesses who buy, sell or share consumers’ personal information.

Contacts

Jason C. Kravitz

Partner
Co-leader, Intellectual Property
Leader, Cybersecurity & Privacy

jkravitz@nixonpeabody.com

Phone: 617-345-1318

Dan Deane

Partner
Leader, Class Actions and Aggregate Litigation;
Co-Leader, TCPA & Consumer Privacy Team

ddeane@nixonpeabody.com

Phone: 603-628-4047

Back to top