Privacy and Data Security Law

Internet Privacy and Data Security Lawyer


Hinch Newman assists Internet marketers and companies of all sizes with data privacy and security issues.  The firm advises clients with preventive privacy compliance issues and defending regulatory investigations pertaining to alleged unfair data security practices.

An online privacy and cybersecurity law firm, Hinch Newman assesses clients' domestic and global data collection, use and disclosure practices.  The firm drafts website privacy policies, conducts advertising and disclosure clearance reviews, develops and implements corporate information security protocols, drafts commercial marketing agreements, and keeps clients abreast of emerging state, federal and international data use legal requirements.

The firm also possesses significant experience with tracking and online behavioral marketing technology platforms utilized by Internet marketers in conjunction with advertising campaigns.

Exceptional Coverage and Foundational Understanding


The firm’s practice provides exceptional coverage of substantive areas of state, federal and international privacy and data security laws, including various legal structures, digital advertising and marketing, behavioral advertising, geo-location data and social media issues.  

We counsel clients on laws and regulations governing GDPR-requirements, information management, data inventory, data sharing and transfers, data collection and retention, user preference management, privacy program development, written information security plans, data breach notification and incident response programs, workplace privacy, online privacy and privacy policies, vendor management, standard contract provisions, international data transfers, U.S. Safe Harbor and Privacy Shield, Children’s Online Privacy Protection Act (COPPA), Telemarketing Sales Rule, Telephone Consumer Protection Act (TCPA), Do Not Call registry (DNC), FTC and state attorneys general privacy enforcement actions, private rights of action, unfair and deceptive trade practices, and other theories of legal liability.

See the FTC’s Privacy & Data Security Update (2018), here.

Children’s Online Privacy Protection Act (COPPA), Telemarketing Sales Rule, Telephone Consumer Protection Act (TCPA), Do Not Call registry (DNC), FTC and state attorneys general privacy enforcement actions, private rights of action, unfair and deceptive trade practices, and other theories of legal liability.

Privacy Litigation


Hinch Newman knows how to apply privacy laws and regulations, from jurisdictional laws and consumer protection statues to legal requirements for handling and transferring data.  In addition to data privacy legal regulatory compliance, this substantive knowledge enables the firm to represent clients in a broad spectrum of cybersecurity-related litigation matters.

The firm is skilled in handling complex privacy-related litigation matters, including allegations of “unfair and deceptive” business practices, Telephone Consumer Protection Act class action defense and various common law privacy torts.

Information Risk Minimization


The firm works closely with clients on multiple aspects of information risk management, and privacy and data security legal and regulatory compliance.  The foregoing includes issues such as data asset inventories, vendor assessment, data use disclosures and information governance. 

We have also represented tech entrepreneurs against government investigations related to malicious cyber-related incidents, and work with clients to implement marketing solutions, consumer-facing disclosures and marketing materials.

You need an experienced Internet privacy and data security attorney  who can assist with specific online marketing and eCommerce measures to protect and manage sensitive information. If the information falls into the wrong hands, it can lead to fraud or identity theft.  The cost of a security breach can be measured in the loss of your customers' trust, which makes safeguarding personal information just plain good business.

State Legislation


Internet marketers that partner with vendors, service providers or other marketers are faced with privacy and data security compliance risks.  Where regulatory protocols exist, they must be incorporated into business operations, monitored and adhered to.  State-specific requirements such as those enacted in California, Colorado, Massachusetts, Nevada and Vermont must be afforded special attention as all have pioneered privacy and cybersecurity legislation.

General Data Protection Regulation (GDPR) Compliance


The General Data Protection Regulation is the framework for European Union privacy and data protection.  It applies to companies with an establishment in the EU, as well as those outside the EU that offer products and services to EU data subjects or monitor the behavior of EU data subjects, and consequently, process personal data of EU data subjects.  For those that are covered by the GDPR, compliance is essential.

You need an experienced privacy and data security lawyer with a solid understanding of the scope of the GDPR, how “personal data” is defined, the enhanced rights for data subjects, notice requirements, privacy by design, accountability, breach notification, penalties, and requirements for data controllers and data processors.  Hinch Newman works with clients to evaluate whether they are subject to the new rules, how they can comply, current privacy and data protection policies and procedures, gaps remediation strategies and best practice implementation.

Please contact us at (212) 756-8777, via email to [email protected] or via our Online Case Submission Form.    

Please contact us at (212) 756-8777, via email to [email protected] or via our Online Case Submission Form.