Global Data Privacy

Today’s global economy runs on the cross-border exchange of personal information and data.  Rapid changes in technology and volume of data have caused a global expansion in data privacy and security regulations in recent years.  With so many jurisdictions taking different approaches on data privacy and security regulations, this ever-evolving legal landscape can be a challenging one for any global business to navigate.  Octillo attorneys work with businesses that operate in the United States, Europe, Asia, and other regions stay up-to-date on the fast-changing international rules on global data and security requirements, including cross-border data transfer, privacy, and cybersecurity.

Octillo Global Data Privacy services include:

  • International data transfers
  • Global data breach response and notifications
  • Negotiating International Business Contracts with appropriate data security and privacy provisions
  • Compliance with international data security and privacy laws
  • Implementation of global security and privacy programs
  • Employees and independent contractors in foreign jurisdictions
  • E-discovery with multiple jurisdictional impacts and investigations management
  • International data breach preparation and coordination
  • Interface with international regulators
  • Data security, data loss prevention and data breaches
  • International Mergers & Acquisitions Security & Privacy Due Diligence
  • Audits and data mapping
  • Assist DPOs with responses
  • Data security and privacy whistleblowers
  • Record retention and destruction practices

International Regulatory Compliance

Octillo offers practical compliance counsel to clients in connection with international regulatory compliance.  We work to evaluate a business’s exposure to international data privacy regimes, and develop enterprise-wide compliance programs to address General Data Protection Regulation (GDPR), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and Canada Anti-Spam Legislation (CASL), the Cyber Security Law of the People’s Republic of China, commonly referred to as the China Internet Security Law, and the India Personal Data Protection Bill.

Cross-Border Data Transfers

Organizations of all sizes value data as one their most important assets and advances in technology have drastically altered how companies access, collect, store, and share personal information.  On behalf of its multinational client base, Octillo attorneys negotiate international data processing addendums and contractual transfer mechanisms (Standard Contractual Clauses), and have developed enterprise-wide Binding Corporate Rules to govern internal data transfers.

Global Data Breach Response

In the event of a data breach, Octillo responds quickly to minimize legal exposure, determine the appropriate reporting actions based on applicable regulations, and communicate with relevant parties. Octillo attorneys respond to multi-jurisdictional data incidents and counsel clients on international reporting obligations under the GDPR.  Our team also represents clients after a data incident with litigation and government investigations. Octillo attorneys have been involved in responding to numerous data incidents involving clients subject to the European Union’s General Data Protection Regulation (GDPR), Canada’s Anti-Spam Law (CASL), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and other data privacy regime’s breach notification requirements

With strong ties and connections around the globe, including close contacts with local regulators in Asia Pacific, Europe, and the US, Octillo assists its global clients to develop robust data breach response and compliance matters.  The firm regularly performs custom table-top exercises to its global clients to test their incident response plans and response.

Credentials & Recognition

The Octillo Global Data Privacy Team includes attorneys who are Certified Information Privacy Professionals/United States (CIPP/US) and Certified Information Privacy Professionals/Europe (CIPP/E) by the International Association of Privacy Professionals (IAPP).  With many CIPP/E and CIPP/US attorneys on our team, our commitment to being industry leaders in cybersecurity, privacy and data breach law is apparent.

The team also includes attorneys who have clerked for the European Union’s highest court and engaged in numerous interactions with regulatory authorities. Our team also includes attorneys that speak French. Some attorneys also have Foreign Legal Permits for Canada.