Data Privacy and Cybersecurity Litigation


As our world becomes more and more digital and dependent on information technology, businesses throughout the world are encountering data protection and cybersecurity incidents at an astonishing rate and must spend valuable time and resources to anticipate and prevent them—and if they aren’t, they should be. To help clients stay ahead of this increasing business risk, Robinson+Cole’s Data Privacy + Cybersecurity Team works with clients in mapping high risk data, implementing safeguards, compliance with rapidly changing data privacy and security laws, developing and implementing incident response plans, data breach notification, and educating employees on protecting company information. Our lawyers are skilled in helping clients avoid and mitigate cyber intrusions, including malware, ransomware, phishing attacks, insider threats and social media risk. When litigation is necessary, however, we readily advocate for our clients, and we defend them in litigation resulting from alleged privacy violations, data breach class actions and government investigations. If a data breach or privacy issue results in litigation or an enforcement action, we work with clients to resolve the matter through the court system or before federal or state regulatory agencies. We represent companies in privacy litigation matters involving unauthorized access, use or disclosure of personally identifiable, health, or financial information, and in litigation around violations of security measures to protect the data.

Our Services and Our Team

Because data privacy and cybersecurity issues cut across all business enterprises, our Data Privacy + Cybersecurity Team collaborates with lawyers from all of the firm’s practice areas to match the right resources to each client’s unique situation. Our clients include businesses in all industries, including the following:

  • utilities and energy companies
  • manufacturing companies
  • wireless telecommunications service providers
  • tax-exempt organizations
  • higher education
  • health care providers
  • hospitals and multi-specialty groups
  • patient portal vendors
  • health information exchanges
  • catalogue and direct marketing companies
  • companies with a significant offline database of customer information
  • software companies
  • start-up companies
  • companies providing remote monitoring of equipment
  • companies providing cybersecurity and forensic services
  • retail companies
  • commercial product companies

Our lawyers are adept in interpreting the minutiae of these federal and state data privacy and security rules and regulations:

  • Blockchain Technology
  • California Online Privacy Protection Act (CalOPPA) and Do-Not-Track laws (and the newly passed laws, including Virginia and Colorado)
  • Children's Online Privacy Protection Act (COPPA)
  • Fair Credit Reporting Act (FCRA)
  • Family Educational Rights and Privacy Act (FERPA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act ( HIPAA)
  • Federal Trade Commission Act (FTC Act)
  • FTC's Telemarketing Sales Rule (TSR)
  • General Data Protection Regulation
  • New York Department of Financial Services Cybersecurity requirements
  • state Written Information Security Plan (WISP) requirements
  • state laws, including workplace privacy statutes, antispam statutes, attorney general enforcement actions, and other privacy protection statutes and trends
  • Telephone Consumer Protection Act (TCPA)
  • Video Privacy Protection Act (VPPA)
  • Virtual Currency regulations

Our  Data Privacy + Cybersecurity Team chair, Linn Freedman, is a former Assistant Attorney General and Deputy Chief of the Department of Attorney General for the State of Rhode Island who regularly works with the attorney generals of multiple states around compliance and enforcement actions involving data breaches and data security, and has been recognized by Chambers as a leader nationally in the field of Privacy Law since 2012. She is an adjunct professor at Brown University and Roger Williams Law School teaching Privacy Law.

Our team has deep experience with HIPAA enforcement actions with the Department of Health and Human Services Office for Civil Rights. 

Additionally, our team members regularly contribute to the Data Privacy + Security Insider blog at and have received Readers' Choice awards by JD Supra.

For more information on Robinson+Cole’s Data Privacy + Cybersecurity Team, click here.

Our Team