Covington & Burling LLP | Practices, Industries & Regions

Many of the firm’s efforts in the fields of privacy and data security involve working directly with legislators and regulators to address emerging public policy issues. We have lobbied, monitored, and advised at both the federal and state levels, and on European Union (EU) and Member State legislation regarding data protection. We are actively involved on behalf of our clients in the current review of the European data privacy framework, the most significant change in European privacy regulation in almost 20 years.

Through our practice, we have developed extensive contacts at regulatory agencies, in Congress, and throughout the EU with whom we have worked closely to help shape and respond to the major privacy and security policy issues of our day. We also regularly appear before agencies and legislatures to testify about the implications of various privacy initiatives on both online and off-line activities. In addition, we often provide analyses to legislatures in countries that are either adopting data protection regimes for the first time, particularly in Latin America and Africa, and those that are refining long-standing privacy regimes, particularly in Asia.

Covington lawyers have been deeply involved in the legislative and regulatory processes that produced key laws in the areas of financial privacy, health information privacy, and children’s online privacy. In addition, we were asked to advise the European Commission in connection with implementation of the EU-US Safe Harbor arrangement for the transfer of data to the United States. We also provided expert testimony before EU authorities regarding compliance issues encountered by multinational companies.

Representative Matters

Testified before the Senate Banking Committee and state legislatures on the scope and meaning of the Gramm-Leach-Bliley Act’s privacy provisions, including repeated and extensive appearances before California legislative committees on pending legislation to increase financial institution privacy obligations.
Testified before the House Ways and Means Subcommittee on proposals to limit the use of social security numbers as unique identifiers.
Worked with the House and Senate Commerce and Judiciary Committees to develop federal spyware legislation, including preparing witness testimony before the Senate Commerce Committee. Our efforts also included meeting with officials in the Department of Commerce and preparing panelists to speak at FTC workshops regarding spyware.
Participated in legislative efforts to formulate data security legislation in the US and the EU, including working with the House and Senate Commerce, Judiciary and Financial Services Committees, drafting amendments and testimony, and attending industry meetings.
Reviewed and commented on federal spam legislation and prepared witness testimony before the House and Senate Commerce Committees. We also filed comments regarding the Federal Trade Commission’s implementing regulations after the legislation was passed into law.
Advising on the proposed EU Data Protection Regulation as well as on the growing number of data privacy laws in the Asia-Pacific and Latin American regions.
Consulted with various Eastern European agencies regarding the implementation of national data privacy legislation and compliance with EU requirements.