Nicholas Farnsworth

Associate

Boston


Read full biography at www.orrick.com

Privacy and cybersecurity underpins the innovative strategies of businesses across all sectors and introduces both legal and operational concerns. As a member of Orrick's internationally recognized Cyber, Privacy & Data Innovation team, Nick Farnsworth advises clients on a broad range of privacy and cybersecurity matters, including compliance, risk management and incident response.

Nick's practice focuses on guiding clients through the existing patchwork of state, federal and international privacy and cybersecurity laws. His practice includes advising clients on Section 5 of the Federal Trade Commission Act, the Fair Credit Reporting Act (FCRA), the Telephone Consumer Protection Act (TCPA), CAN-SPAM, state breach notification laws and state privacy and cybersecurity laws, such as the California Consumer Privacy Act. Nick also advises clients on the impact of international laws from a U.S. perspective, including the European Union General Data Protection Regulation (GDPR).

Nick assists clients from a broad range of industries and sectors in assessing their current privacy and cybersecurity practices. He regularly assists clients in developing global privacy and cybersecurity programs to practically implement the principles and obligations underlying various legal regimes, as well as assessing proposed marketing/advertising, transactional and business strategies from a privacy and cybersecurity perspective. Nick also advises clients on the assessment of suspected incidents/breaches and any associated notification obligations, as well as the privacy and cybersecurity risks associated with proposed transactions and ventures.

In addition, Nick has an active pro bono practice, which has included representing clients in immigration matters and assisting small businesses with their legal needs.

Posts by: Nicholas Farnsworth

State Legislators Joining the Consumer Privacy Protection Party: Introduced CCPA-Like Bills

In 2018, the California legislature made headlines with its game-changing data protection law: the California Consumer Privacy Act of 2018. Other state legislators across the country appear to be hot on its heels as a flurry of CCPA-like bills have been introduced across the United States. While it is too early to predict which of these bills, if any, will be enacted, this increased focus on privacy in the state legislatures is clearly a sign that the privacy landscape—and consequent compliance challenges for companies—is going to get more complicated. READ MORE

Roller Coaster Start to the New Year for Biometrics: Rosenbach v. Six Flags and Emerging Biometric Laws

A recent decision from the Supreme Court of Illinois heightens the risks faced by companies collecting biometric information by holding that an individual who is the subject of a violation of Illinois’ Biometric Information Privacy Act—but who suffered no separate harm from the violation—is an “aggrieved party” with a cause of action under the statute. Rosenbach v. Six Flags Entertainment Corp., No. 123186 (Ill. Jan. 25, 2019). This decision will only further embolden plaintiffs’ lawyers to bring biometric privacy suits, and the risk to companies collecting biometric information will likely increase as newly enacted and proposed legislation comes into effect. In this post, we discuss what happened, what is on the horizon, and some steps to consider. READ MORE