Skip to main content
Practice Area

Privacy, Data Security, and Digital Media

Person typing on laptop
©2024 Keller and Heckman LLP

The rapidly changing global digital landscape brings both complex challenges and opportunities. Whether helping businesses bring connected products to market, drafting privacy policies for websites and mobile apps, or advising businesses on developing and implementing privacy and information security programs and responding to data security incidents, our Privacy and Data Security team covers all areas of the digital ecosystem. We assist clients in meeting their business objectives while protecting consumer privacy and managing data security. 

We take a holistic approach to our clients’ privacy and security issues. We represent businesses in a variety of industries, including manufacturers of connected products, foods, drugs, hygiene and health products, dietary supplements, resins, telecommunications equipment, machinery, chemicals, electronics, and toys, as well as trade and professional associations. Our in-depth familiarity with the privacy and data security legal and policy landscape enables us to guide our clients in establishing best practices and commonsense solutions for managing consumer and employee data. 

We have significant experience in children's privacy, safety, and related issues, including matters related to the Children’s Online Privacy Protection Act (COPPA) and special rules for advertising to children and teens. Our thorough understanding of COPPA and other privacy guidelines and laws enables us to help clients offer legally appropriate online contests and promotions to children and teens as well as to adults. We also work with clients on health privacy issues, including questions under the Health Information Portability and Accountability Act (HIPAA).

Representative Matters

  • Represented national trade association in the Federal Trade Commission (FTC) COPPA and other privacy rulemaking proceedings

  • Advised international food, consumer product, publishing, oil and gas, and retail clients on state data breach notification obligations and privacy and security policies and compliance

  • Successfully defended children's product companies in federal and state COPPA investigations, often closing the matter with no formal action

  • Successfully defended online retailer in an FTC investigation of a CAN SPAM violation, closing the matter with no action

  • Established social media policies for national grocery and consumer products retailers, consumer products companies, and national trade associations

  • Advised an international platform on structuring compliant sweepstakes and contests directed to children

  • Assisted national consumer product companies in implementing online behavioral advertising compliance programs

  • Developed website and mobile app privacy policies and terms of use for diverse businesses and associations

  • Advised international food and consumer product companies on transborder data flow adequacy mechanisms

  • Served as outside counsel to a national association implementing an interest-based advertising self-regulatory program

For more information, please contact

Areas of Focus

Advising clients on establishing and implementing internal privacy policies and procedures, public facing privacy policies, consumer rights procedures, information security policies, and breach notification policies; helping clients manage transborder data flows and develop compliance strategies for participation in self-regulatory programs for interest-based advertising; and counseling clients on biometric privacy issues

Assisting clients in complying with the Children’s Online Privacy Protection Act (COPPA) and helping them respond to updates to COPPA and other laws affecting children’s privacy at both the federal and state level and representing clients in all major COPPA rulemaking proceedings

Developing and negotiating outsourcing, digital service provider, web hosting, website and mobile app development, and e-commerce agreements 

Helping clients address privacy and data security when conducting online and mobile contests, sweepstakes, and promotions, and comply with laws and self-regulatory guidelines on the use of “cookies” and other technologies for interest-based or online behavioral advertising

Helping clients draft and implement data breach notification and response procedures and comply with notification obligations should a data breach occur

Representing clients in regulatory enforcement actions by the Federal Trade Commission (FTC) and state Attorneys General and handling disputes before self-regulatory bodies; working to assure that privacy considerations are addressed in discovery 

Participating in policy debates about how the internet, mobile media, apps, interactive devices, and online platforms should be governed at both the federal and state level; advising on legislative strategy, including preemption language and helping to develop best practices in advertising and privacy self-regulation through the International Chamber of Commerce (ICC) Marketing and Advertising Commission, the Children’s Advertising Review Unit (CARU), and other organizations

Advising clients on applicability of HIPAA, business associate agreements, and handling health-related data not covered by HIPAA

Contact a Privacy, Data Security, and Digital Media Attorney

Contact Us

The information provided by Keller and Heckman in response to an individual's query submitted through the "How can we help?" feature does not constitute legal advice and does not create an attorney/client relationship
Recruiting & Careers