Lawyers in this area advise business clients on cyber security issues, including internal security protocols, the collection and storage of personal data, and on how to respond to a data breach. While privacy lawyers are most often called into action in the wake of a data security breach, they also help their clients comply with regulations and counsel on ways to prevent data theft or loss. Lawyers may work on incidence response teams and can be called on to work long hours after a client’s data has been breached. Data privacy lawyers will also frequently be involved in claims, litigation, and regulatory investigations arising from data security breaches. This is a growing and changing area of law, so lawyers may be regularly dealing with unsettled law and must stay up to date on security technology and emerging threats to IT security, as well as rapidly emerging regulations and case law that can pose challenges to their clients.
- Class Actions
- Internet Law
- Privacy and Data Security Law
- Seminars (e.g., Internet and the Law; Technology and the Law)
- In-house attorney at technology company
- In-house data privacy attorney at a large company
- Law firm practice
Describe your practice area and what it entails.
Julie: I am a litigator, and I specialize in handling disputes relating to user data on our clients’ platforms. Some of the attorneys in our group have more of a mixed practice, and they both litigate and provide counseling to our clients. The law in this area is evolving quickly, so there is always new legislation and caselaw relating to this work.
Nicola: My practice consists of approximately two-thirds litigation and one-third counseling in the areas of privacy and data security. Most of my litigation work involves defending technology companies in class actions related to alleged privacy issues. The counseling side of my practice generally involves digging deep into statutes and regulations to help clients apply those statutes and regulations to new and emerging technologies and issues. However, these are just examples. What I love about my practice is that it is varied and that I am always learning and doing new things. It is difficult to describe in a few words the varied work that comes across my desk each day.
What types of clients do you represent?
Julie: I work with a wide variety of the firm’s large technology clients, including many (like Google) that are household names.
Nicola: Most of my clients are in the technology industry, though I also have retail clients and utility clients, as well as clients that do not fall into any of those buckets.
What types of cases/deals do you work on?
Julie: I handle litigation that arises from the alleged collection and use of user data. These cases may be private party litigation, class actions, or even cases brought by the attorney general; they most often involve invasion of privacy claims or claims under consumer protection laws prohibiting deceptive or unfair practices.
Nicola: The great majority of my cases are privacy class actions. For example, I defended Google in a landmark class action alleging that aspects of Google Photos violated the Illinois Biometric Information Privacy Act. Following discovery, our team obtained a summary judgment victory on the ground that the plaintiffs had not suffered an injury sufficient to establish Article III standing. I also do appellate work, generally in the capacity of representing clients as amici in matters that are important to them. For example, representing Dropbox Inc., Google Inc., and other clients, I filed a brief with the New York Supreme Court arguing that recipients of warrants issued under the Stored Communications Act have a pre-execution right of review and that indefinite gag orders issued in conjunction with such warrants violate the First Amendment.
How did you choose this practice area?
Julie: I started out as a general commercial litigator. Over time, I began working on matters for our firm’s technology clients, and I found the issues they faced extremely interesting. Working as a privacy lawyer allows me to work on cutting-edge matters in an area that is constantly changing to address novel legal issues.
Nicola: I knew even before going to law school that I wanted to work at the intersection of law and technology because the issues are challenging, interesting, and ever-changing. Over the course of law school and summer jobs, I also realized that the parts of practicing law that I like best are writing, oral advocacy, and working with teams. For those reasons, I chose to be a litigator. When I arrived at Perkins Coie, I discovered a thriving and busy privacy and data security litigation practice that was full of really smart, intellectually curious, and engaging lawyers. It was, therefore, a no-brainer for me to seek to work in that practice area and with those lawyers.
What is a typical day like and/or what are some common tasks you perform?
Julie: There is no “typical” day since my work changes depending on my clients’ immediate needs. On any given day, I may have client meetings, court appearances, or depositions. Often, I spend a good part of my day briefing novel issues for our clients.
Nicola: The type of work I do varies from day to day and includes fact-finding and understanding technology by speaking with in-house counsel, drafting and revising briefs, drafting analyses of products and technologies, working with a litigation team to develop strategy or address discovery issues, and, occasionally, preparing or attending depositions and hearings.
What training, classes, experience, or skills development would you recommend to someone who wishes to enter your practice area?
Julie: Someone interested in privacy law should, of course, sign up for law school classes that pertain to this area. Because the law is changing so rapidly, it is good to regularly read up on new developments by reading new cases and experts’ legal blogs.
Nicola: I would recommend a class that introduces you to the basic issues surrounding class action litigation, since that can be difficult to understand initially. I would also recommend classes related to internet law and privacy and data security. A lot of this practice involves applying substantive knowledge of a rapidly changing legal regime to technology and business practices, so it is essential to have a good understanding of that privacy and data legal landscape to practice in this area.
What is unique about your practice area at your firm?
Julie: First, this practice area is unique because it is so new and ever-changing. We get to work on interesting, often unsettled, legal issues for the top companies in the tech world. Also, attorneys in our group can acquire broad experience in both counseling clients on privacy law as well as litigating novel legal issues. Privacy law is challenging (but also endlessly interesting) because it is a relatively new area of the law that is developing and evolving all the time. There is still a lot of uncertainty in the law surrounding new technologies, so this practice keeps me on my toes—there is always something new to learn.
How do you see this practice area evolving in the future?
Nicola: I think privacy and data security law will be growing rapidly in the near and medium term. Personal data is becoming an increasingly important driver of the economy at the same time that society is grappling with how individuals can protect and manage their own personal information. Lawyers in this practice area are going to see a lot of work, ranging from helping clients interpret and comply with new laws to defending litigation asserting new theories and claims related to privacy.
What kinds of experience can summer associates gain in this practice area at your firm?
Julie: Summer associates are assigned the same sort of work that our junior associates handle. They will research legal issues and write memos or sections of court filings. Where appropriate, summer associates are invited to attend client meetings and court appearances. In short, we try to give our summer associates a good idea of the kind of work they would do if they join the firm as a new lawyer.
Given how quickly technology is evolving, how do you stay ahead of it and prepare for issues that may arise?
Julie: Because the law in this area changes so often, I make it a point to regularly read all new legislation and new decisions that affect my practice. The attorneys in the privacy law group also share news of important changes to ensure we all stay on top of new developments.
Nicola: I read legal news and case summaries about privacy developments every day and stay attuned to current events generally, which are continually shaping the privacy and data security legal landscape. However, the best way to stay ahead of evolving technology is to understand deeply the clients involved in developing that technology.
Julie Schwartz, Partner, and Nicola Carah Menaldo, Counsel—Commercial Litigation
Julie Schwartz focuses her practice on federal and state court litigation with an emphasis on internet and technology law. Julie routinely handles unfair competition, false advertising, breach of contract, Communications Decency Act, and First Amendment disputes. She also litigates common law and statutory privacy claims under the Telephone Consumer Protection Act, Wiretap Act, Stored Communications Act, Computer Fraud and Abuse Act, and California’s Song-Beverly Credit Card Act. She is a member of the firm’s Electronic Communications Privacy Act (ECPA) compliance team and works with clients on data security issues and third-party requests for information. In addition, Julie regularly counsels clients on compliance with California’s Proposition 65 law. She has successfully settled numerous Prop 65 disputes for clients in the consumer product space.
Nicola Menaldo represents and counsels technology and retail clients on a wide range of issues central to their business needs, including privacy and data security, marketing, biometrics, scraping and web crawling, machine learning, and international privacy and data security compliance. Nicola’s practice includes counseling and defending clients in class action litigation, as well as product counseling related to product launches and improvements. Nicola also regularly represents parties and amici in appellate matters addressing First Amendment, Fourth Amendment, and privacy-related issues.