Celebrating 125 Years

Assuring cybersecurity has become a necessity for businesses across all industries. Jackson Walker's Cybersecurity practice represents providers of cybersecurity solutions as well as astute businesses which are taking proactive steps to manage their risks with respect to the integrity and security of their networks and data.

Our Cybersecurity group is composed of attorneys from across the firm. Jackson Walker believes that by taking a multi-disciplinary approach, we can efficiently and effectively provide our clients with the advice and counsel they need for a full spectrum of legal concerns. Included in the group are attorneys from the following practice areas:

Corporate & Securities
  • Advising boards of directors and management on fulfilling their risk oversight responsibilities
  • Representing purchasers of cloud computing solutions and other outsourced information technology services and products to ensure Sarbanes Oxley SAS 70 compliance, including appropriate audit reporting
  • Representing providers of software as a service and other hosted solutions as they grow their businesses

Technology, Privacy and Data Security and Intellectual Property
  • Helping clients obtain, protect and enforce intellectual property rights with respect to security systems and solutions
  • Negotiating complex business process outsourcing (BPO) relationships
  • Complying with regulatory and industry standards, including Payment Card Industry Data Security Standard (PCI DSS), Critical Infrastructure Protection (CIP) reliability standards, and Automated Clearing House (ACH) transaction standards
  • Complying with state law related to data protection requirements
  • Defending data collectors with respect to litigation – including class action litigation – claims arising out of computer hacking incidents and the resulting unauthorized disclosure of subscribers' credit card numbers and email addresses, and assisting collectors with multi-jurisdictional compliance requirements stemming from data breaches

  • Complying with import and export regulations, including deemed export concerns with respect to non-U.S. employees working in the U.S. and outsourcing of information technology or development functions to foreign companies, and compliance with International Traffic in Arms Regulations (ITAR)

  • Advising boards of directors and information technology and finance management on managing document retention and storage solutions

Our Approach

Our attorneys understand information systems security and can help you prevent losses and minimize risk as you create, enhance, or overhaul your information systems. Our approach focuses on the intersection among corporate, finance and information technology within our client's businesses, taking into consideration that:
  • the CIO alone can neither create nor maintain the attorney-client privilege without general counsel's direction of the corporation's cybersecurity efforts
  • cybersecurity should be viewed as a corporate governance issue, not solely an IT issue
  • adequate systems must meet federal and state compliance statutes and cover a wide variety of legal mandates from privacy, to identity theft, to notifications

The consequences of information compromise present business issues that require legal planning and action to mitigate the risks to the enterprise and its owners. We encourage a proactive approach to lay the groundwork to protect legal interests, promote strong corporate governance, and reduce the potential of financial losses, legal missteps, significant litigation and other actions arising from information compromise.

We have substantial experience guiding clients through cybersecurity related issues. Our experience includes:
  • providing direction on privacy issues, including data security and regulatory compliance
  • commercial transactions that implicate or focus on the use of personal information
  • best practices for information handling
  • formulation of responses to security breaches and inadvertent disclosures of personal information relating to employees or customers
  • implementation of privacy policies and training programs
  • adoption of document retention policies and the protection of attorney-client privilege to the findings of forensic investigators

Finally, many of our clients strategically use outbound online marketing, and we assist them with these projects and all related compliance obligations. For example, we have advised clients with respect to the collection and use of personal information in connection with online retail sales, social media (Web 2.0) endeavors and, in the context of promotional contests and other direct marketing campaigns, compliance on a 50-state basis with contest regulation. We have also guided clients through the adoption of social media policies applicable to their employees' online activities and incorporation of user-generated content in their web media, equipping them to get the message out without violating applicable regulations such as securities laws and Federal Trade Commission Guidelines and while addressing intellectual property and other risks. Finally, we work with clients in the adoption and evolution of their document management policies so that they can continue to be current with regulations, requirements and best practices for privacy, e-discovery, and document retention.

Our clients include both public and private retailers, content providers, hardware and software companies, and payment systems providers who are both publicly traded and privately held. We also have many attorneys who have served for multiple years on the Committee on E-Commerce for the Texas Bar Association's Business Law Section, including service on the special committee on privacy and security issues, which watches national trends and advises the state legislature as to the Bar's recommendations on relevant legislation. We also have extensive relationships internationally to assist our clients in compliance with privacy and data security regulations in other jurisdictions.

Our lawyers are viewed as insightful and pragmatic resources to practitioners and businesses alike and are regularly asked to speak on issues related to data protection, data hosting and management, and document retention, as highlighted by recent presentations to the Association of Corporate Counsel and the State Bar of Texas, as well as the number one Google-ranked HIPAA blog produced by Jackson Walker partner Jeff Drummond, addressing not only the privacy of health care information, but also trends in other privacy laws. Our attorneys stay apprised of industry standards and best practices and are well-positioned to craft realistic, practical solutions to help deter intrusions, misuse, computer fraud, and industrial espionage and allocate responsibility should such a situation arise.
© 1999 - 2016 Jackson Walker L.L.P. · All Rights Reserved · Unless otherwise noted, attorneys not certified by the Texas Board of Legal Specialization.