This is available in:
Sidley’s Privacy and Cybersecurity practice group offers clients a global and interdisciplinary team of lawyers focusing on: privacy, data protection, information security, Internet and computer law, e-commerce, consumer protection, outsourcing, competitive intelligence and trade secrets, information management and records retention and responding to cybercrimes and network intrusions.


Our Privacy and Cybersecurity professionals represent clients in various sectors, including financial services, pharmaceuticals, communications and media, healthcare, information service providers, professional services, human resources and Internet companies. We pride ourselves on our ability to undertake highly sophisticated legal analysis and advocacy and to provide well-reasoned, intelligible legal advice on novel questions of privacy and information law. The law in these areas is relatively new, complex and evolving quickly, so our ability to deploy experienced and talented lawyers with substantial experience in these matters offers great practical benefits to our clients. We believe that we have substantially contributed to the success of our clients in navigating uncharted legal terrain, and addressing particularly difficult privacy challenges.

We assist clients on privacy and information law issues that arise in connection with internal investigations and civil discovery access to documents and witnesses that are located outside of the U.S., such as the data protection issues related to Foreign Corrupt Practices Act (FCPA) investigations and other transnational regulatory investigations. We have assisted in developing and implementing solutions to some of the legal dilemmas posed by foreign data protection and “blocking” statutes.

Our lawyers advise clients on requirements under the EU Data Protection Directive and the national privacy laws implementing the directive in individual EU Member States. Lawyers in the group also advise clients regarding privacy law requirements and developments in China and Japan. Where privacy and data security concerns become barriers to international trade in products or services, the team works closely with the firm’s International Trade group to advocate for our clients’ interests.

Areas of Concentration

Litigation and Investigations

  • Data Breach and Incident Response, Investigation and Litigation
  • Privacy, Internet, Computer Technology and Information Law Litigation
  • FTC and State Attorney General Investigations of Data Breach, Privacy, Information Security and Unfair or Deceptive Trade Practices
  • Computer Fraud and Abuse Act Litigation
  • Government Data Requests and National Security Matters
  • Online Defamation and Freedom of Speech Litigation
  • Internet Marketing, Brand Protection and Complex Domain Name Disputes
  • Discovery and Internal Investigations Involving Global Data Sources
  • Representation of Foreign Governments in US Courts
  • Office of Civil Rights, Department of Health and Human Services (OCR) Investigations 


  • Global Data Protection and International Information Transfers
  • EU Data Protection Issues
  • Cybersecurity and Network Intrusion Issues (including APT) 
  • Legal Compliance and Information Security Assessments
  • E-Commerce and Internet Issues
  • Human Resources Issues
  • Outsourcing Solutions
  • Information Management and Governance
  • Marketing Restrictions and Behavioral Advertising
  • Data Mining and Analysis
  • Social Media and Other New Information Technologies
  • Competitive Intelligence and Trade Secrets
  • National Security and Government Investigations
  • Website Policies and Terms and Conditions

Sectoral Focus

  • Financial Privacy (Gramm-Leach-Bliley Act (GLB), Fair Credit Reporting Act (FCRA), Fair and Accurate Credit Transactions Act (FACTA), Right to Financial Privacy Act (RFPA), US State Laws, EU Member State Laws)
  • Healthcare Privacy (Health Insurance Portability and Accountability Act (HIPAA), Electronic Health Records, US State Laws, EU Member State Laws, Health Information Technology for Economic and Clinical Health Act (HITECH))
  • Communications Privacy (Telecommunications Act, Communications Decency Act, Electronic Communications Privacy Act (ECPA), Computer Fraud and Abuse Act (CFAA), Foreign Intelligence Surveillance Act (FISA), U.S. State Laws, EU e-Privacy Directive, EU Member State Laws)
  • National Security and Law Enforcement (Foreign Intelligence Surveillance Act (FISA), Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (PATRIOT Act), Communications Assistance for Law Enforcement Act (CALEA), RFPA, National Security Letters (NSLs))
  • Online Publishers and Interactive Media
  • Workplace Privacy

Legislative and Policy

  • Financial Privacy
  • Privacy, Data Breach and Information Security
  • Healthcare
  • Communications and Internet
  • EU Regulation