Privacy and Data Security

• Served as lead counsel to a major retailer in various crisis response capacities, including orchestrating, strategizing, and leading congressional witness preparation; serving as “first chair” during the client’s testimony at U.S. House and Senate hearings; coordinating responses to other simultaneous government investigations; counseling on media and communications; and delivering legal guidance to the C-suite and government affairs team
• Successfully defended a media company in an investigation by the FTC arising from allegations that the company circumvented browser privacy settings when using online ad-serving technology
• Provided legal and strategic counsel to a hospitality company with respect to two successive data breaches. This included representation of the company in connection with responding to state attorney general inquiries, and in negotiations of fine payments with credit card companies and insurance providers
• Successfully represented a major cable television company in class action suits filed under the privacy provisions of the Cable Communications and Policy Act of 1984
• Represented trade associations seeking to strike down financial privacy regulations issued by the FTC, the Securities and Exchange Commission (SEC), and the federal banking agencies pursuant to the Gramm-Leach-Bliley Act (GLBA), and challenging the national “Do Not Call” registry and related FTC telemarketing regulations
• Worked with the Digital Advertising Alliance (DAA) to develop its PoliticalAds self-regulatory program, bringing transparency and accountability to the digital political advertising ecosystem. Fueled by reports of abuses of digital political advertising in the presidential elections, Venable helped the DAA develop the program and within months secure its adoption by a state board of elections
• Provided advice and developed educational materials for an ad tech company to inform the European Parliament about how digital advertising fuels the economy and benefits consumers, in preparation for the General Data Protection Regulation (GDPR)
• Entered into immersive, supporting relationships with an American entertainment company working with varying business models to provide around-the-clock assistance and served effectively as in-house counsel
• Represented a health services marketer in connection with the requirements of the Health Information Portability and Accountability Act (HIPAA) related to pharmaceutical discount cards
• Provided legal guidance and counseling with respect to a brand’s and a marketing solutions provider’s compliance obligations under the California Consumer Privacy Act (CCPA), which the state attorney general will begin enforcement of in July 2020, and created a priority list of business concerns for senior management regarding the law
• Provided ongoing counseling to a global company as it rolled out new data collection practices, beginning with an assessment of potential legal and regulatory exposure related to the anticipated data collection practices, and concluding with new consumer consent language for inclusion in customer agreements
• Assisted a transportation solutions and logistics company with data ownership issues arising from agreements with vehicle manufacturers with which it engaged in early-phase autonomous vehicle programs
• Advised a direct marketing company on privacy and data security issues relating to the sale of a controlling stake in several prominent lines of business
• Advised a multinational information technology services company on all privacy and data security matters relating to its acquisition of a leading cloud billing solutions company
• Helped review the privacy incident response plans and facilitated tabletop exercises to help ensure that internal privacy and security teams at multiple companies are prepared to respond to new types of data security incidents

Experience Working for:

• Centers for Medicare and Medicaid Services
• Consumer Financial Protection Bureau (CFPB)
• Data Privacy and Integrity Advisory Committee, Department of Homeland Security (DHS)
• Department of Commerce
• National Institute of Standards and Technology (NIST)
• Office of the Undersecretary of Commerce for Standards and Technology
• Department of Education
• National Assessment Governing Board
• Office of Elementary and Secondary Education
• Federal Interagency Committee for Emergency Medical Services (FICEMS)
• General Services Administration
• National Highway Traffic Safety Administration (NHTSA)
• National Security Council
• National Strategy for Trusted Identities in Cyberspace
• Office of Legislative Affairs, Department of Justice (DOJ)
• United States House of Representatives
• Energy and Commerce Committee
• Oversight and Investigations Subcommittee
• United States Senate
• Committee on Appropriations
• Subcommittee on Agriculture, Rural Development, and Food and Drug Administration
• Committee on Armed Services
• Committee on Commerce, Science and Transportation
• Subcommittee on Consumer Affairs, Insurance, and Automotive Safety
• Committee on Health, Education, Labor, and Pensions
• Committee on Rules and Administration
• Committee on Small Business and Entrepreneurship
• Committee on the Judiciary
• Subcommittee on Technology and the Law
• Judiciary Committee Counsel to U.S. Senator Charles E. Schumer (D-NY)
• Office of Senator Richard J. Durbin (D-IL)
• Office of Senator Joni Ernst (R-IA)
• Select Committee on Ethics

• Chambers USA
  • Law Firm of the Year, Privacy and Data Security, 2009, 2021
  • Privacy and Data Security, National, 2008 – 2024
  • Award for Excellence Shortlist, 2017
• Chambers Global, 2011 – 2015, 2017, 2022
• Legal 500, Cyber Law, 2010 – 2024
• Computerworld, Top 25 Privacy Experts, 2008