From start-ups to global corporations, Wilson Sonsini has advised hundreds of clients on all aspects of privacy and data protection law. Our attorneys serve a broad array of industries, including Internet, technology, digital media and entertainment, social media, hospitality, and healthcare. Our major areas of focus are:

Government Investigations and Inquiries

Wilson Sonsini is uniquely positioned to assist companies with governmental investigations that are often triggered by high-profile privacy incidents, novel business practices, and data breaches. Global in scope, we meet the challenges posed by these multi-jurisdictional inquiries by drawing on our experience handling and coordinating privacy investigations initiated by the Federal Trade Commission, the Federal Communications Commission, U.S. state attorneys general, European data protection authorities, and the European Union Article 29 Working Party.


We frequently counsel clients on data compliance strategies to address sophisticated global issues and specific local requirements. Our experience in privacy litigation gives us a peerless perspective on how to build effective governance and compliance programs. We also help clients determine and implement effective data transfer strategies, whether they involve membership in the U.S. safe harbor framework, approval of binding corporate rules (BCRs), cross-border privacy rules (CBPRs), or use of EU standard contractual clauses. In addition, we assist clients in reconciling the demands of EU data protection law with conflicting legal obligations, such as Sarbanes-Oxley and e-discovery requirements.


Our firm’s litigation team has successfully defended clients since the privacy litigation trend emerged. We routinely handle the most complex and cutting-edge privacy cases. We are currently defending dozens of putative privacy class actions, including cases involving allegations of the improper tracking of user behavior online and on mobile devices, the collection of unencrypted Wi-Fi transmissions, and claims under the Electronic Communications Privacy Act (ECPA), the Computer Fraud and Abuse Act (CFAA), the Video Privacy Protection Act (VPPA), the Telephone Consumer Protection Act (TCPA), and the Fair and Accurate Credit Transactions Act (FACTA).

National Security and Electronic Surveillance

Our national security professionals advise clients on the issues that arise when the government seeks user data or customer information, or attempts to compel one of our clients to directly assist in intelligence and law enforcement operations. Our team has particular expertise with respect to cybersecurity, advising clients responding to notifications from the Federal Bureau of Investigation, the Department of Homeland Security, and other members of the intelligence community that their systems, products, or employees may have been targeted for cyber exploitation by foreign state actors.


We regularly represent companies in high-stakes mergers, acquisitions, and asset dispositions in which data is a key asset and where data transfers raise sensitive, complex, and often novel privacy issues. Our attorneys represent financial institutions and other companies in IPOs and other financial offerings involving companies whose business models involve collecting, processing, and disclosing user data. We also assist companies in negotiating licensing, outsourcing, services, and other commercial transactions, including advising on privacy and data-security-related risks and obligations relating to the use, processing, security, and monetization of consumer data.

To learn more about our practice, please visit our firm website.