1. Insights
  2. News
  3. Media Mentions

In CCBJ, Natasha Kohne and Michelle Reed Discuss the Impact of New Data Privacy Laws on U.S. Businesses

December 11, 2019

Reading Time : 2 min
Jump to
View People Mentioned in This NewsView Related Services, Sectors, and Regions

Contact:

Alexandra Field

Director of Communications

Send Email
+1 212.407.3167

Jacinta O'Shea-Ramdeholl

Senior Manager, International Communications

Send Email
+1 212.407.3080

Akin Gump cybersecurity, privacy and data protection practice co-heads Natasha Kohne and Michelle Reed were interviewed by Corporate Counsel Business Journal on the topic of new data regulations at the federal and state levels and what businesses should know about them.

The article, “New Data Privacy and Security Laws Put U.S. Companies on the Defensive,” includes the following highlights:

  • On trends in cyber/privacy: “Many of the issues we’re seeing on the cybersecurity front involve various kinds of fraud: business email compromise scams, wire transfer fraud, cyber breaches that involved some sort of intellectual property–gathering efforts… On the privacy side, it is an entirely new world. Until now, in the United States, data has been a commodity that was used and exchanged at no price, because there was no comprehensive privacy regime in the United States. With the introduction of the CCPA[California Consumer Privacy Act], and with similar legislation pending in other states, companies are having to conduct new analyses.” (Reed)
  • On enforcement of state-level privacy regulations: “I expect enforcement for [New York state’s] SHIELD [Stop Hacks and Improve Electronic Data Security] and CCPA and other privacy statutes that are passed in the U.S. to be consistent but not overly robust. The attorney general’s office in California, for example, has already publicly noted that it has limited resources to enforce the CCPA.” (Kohne)
  • On large-scale breaches: “Multistate and international breaches are complex and require a legal team that is very familiar with the company and with cybersecurity laws. It’s crucial to understand whether the data that was impacted actually rises to the level of notification – and if it does, what notification is required and how it’s rolled out.” (Reed)
  • On attorney-client privilege: “Case law regarding attorney-client privilege continues to evolve. Courts have generally respected the attorney work-product doctrine in the context of a data breach investigation. However, companies should be on notice that forensic reports, risk assessments and other security-related documents must be prepared under the umbrella of attorney-client privilege, where all parties are working at the direction of outside counsel...” (Kohne)

To read the full article, click here.

Share This Insight

Related Services, Sectors, and Regions

© 2025 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.