small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
Site Search
  • Professionals (177)
  • Capabilities (66)
  • Experience (29)
  • Insights & News (1,977)
  • Other Results (75)

Professionals 177 results

Alessandra Swanson
Alessandra Swanson
Partner
  • Chicago
Email
+1 312-558-7435
vCard

Partner

  • Chicago
Sean G. Wieber
Sean G. Wieber
Partner
  • Chicago
Email
+1 312-558-5769
vCard

Partner

  • Chicago
Bobby Malhotra
Bobby Malhotra
Partner
  • Los Angeles
Email
+1 213-615-1313
vCard

Partner

  • Los Angeles
View All Professionals

Capabilities 66 results

Practice Area

Privacy & Data Security

Winston takes a strategic approach to privacy and data security, integrating our extensive capabilities across practices to provide our clients with cutting-edge privacy and data security counseling, crisis management, security incident investigation and notification management, defense of data security class action litigation and regulatory inquiries, and international data protection. Our Global Privacy & Data Security Practice features a core team of privacy professionals and is bolstered by more than 40 attorneys from a variety of other disciplines firmwide. Our team combines compliance counselors, transactional lawyers, former government regulators and federal prosecutors, seasoned investigators, and experienced litigators. Few firms can rival our in-depth, sophisticated, and integrated experience in this area....Read more

Practice Area

Privacy: Regulated Personal Information (RPI)

Winston’s Regulated Personal Information (RPI) Practice offers seamlessly integrated counseling and litigation services to companies looking for practical and solution-oriented assistance navigating the compliance, regulatory, and private class action enforcement risks presented by the emerging patchwork of complex (and often conflicting) privacy laws in the United States and beyond....Read more

Practice Area

Class Actions & Group Litigation

Winston has developed a consistent record of success handling class action cases in state and federal courts. The practice is anchored by seasoned class action lawyers, many of whom have been recognized by Chambers USA and other ranking organizations as being top practitioners in their field. Our clients rely on us to steer them through class action matters by drawing on the firm’s significant experience in resolving complex litigation using creative and aggressive arguments, across a broad range of class, collective, coordinated, and mass actions, as well multidistrict litigation. We also have succeeded at trial in several class actions—a rare occurrence....Read more

Experience 29 results

Experience

|

November 19, 2025

Blockfusion Enters into Business Combination with Blue Acquisition Corp.

Winston & Strawn LLP represents Blockfusion, the owner-operator of a strategically located, clean-energy-powered data center, in its announced business combination with Blue Acquisition Corp., a publicly traded special purpose acquisition company. The transaction attributes a pre-money equity value of approximately USD 450 million to Blockfusion and would result in Blockfusion becoming a publicly traded company upon listing....Read more

Experience

|

July 31, 2025

Nscale Forms $1 Billion AI Data Center Joint Venture with Aker

Winston & Strawn LLP represented Nscale Global Holdings Ltd. in connection with the formation of a 50/50 joint venture with Aker ASA to develop Stargate Norway, a $1 billion AI data center project in partnership with OpenAI. The facility will be located near Narvik, Northern Norway, and will be powered entirely by renewable hydropower....Read more

Experience

|

November 13, 2024

Winston advised Astorg on the acquisition of a majority stake in Redslim, in partnership with its founders and management team

Winston and Strawn Paris represented Astorg, a leading Pan-European private equity firm in connection with the  signing of a binding agreement to acquire a majority stake in Redslim (the “Company”) from its Founders, Eric Bensimon, Alberto Alcaniz, Soren Altmann and Patric Mezei (the “Founders”), who will re-invest significantly in the business. Redslim provides data management services, leveraging a proprietary technology platform, and focusing on Consumer-Packaged Goods (CPG) and Consumer Healthcare (CHC) segments. Through this partnership, Astorg will support the Company’s growth and international expansion, collaborating closely with the Founders and the management team. ...Read more
View All Experience

Insights & News 1,977 results

Winston’s Environmental Law Update

|

February 11, 2026

|

7 Min Read

Packaging EPR Regulations Sputter, as Preliminary Injunction is Issued for Oregon’s Law, while California Again Withdraws its Proposed Implementing Regulations

Seven states have passed Extended Producer Responsibility (EPR) laws related to single-use packaging and plastic food serviceware, with other states considering similar legislation. The intent of these laws is to hold the producers of covered materials financially responsible for their ultimate disposal. Certain states are also requiring the reduction of plastic or non-recyclable plastic used in these materials over time. Legislation is in various stages of implementation, and Oregon is the first state to issue fees to producers. In connection with a legal challenge to Oregon’s EPR program, a court recently granted a preliminary injunction, preventing Oregon from enforcing the law against the plaintiff (an industry group) pending resolution of the case. Meanwhile, CalRecycle continues to struggle with finalizing its proposed regulations implementing California’s EPR law, this time withdrawing its proposed regulations to tinker with provisions related to food and agricultural commodities.

Benefits Blast

|

February 5, 2026

|

4 Min Read

A Turning Point for Proxy Advisors: JPMorgan’s AI Pivot Amid Intensifying Regulatory Scrutiny

Recent developments suggest a potential inflection point in the proxy advisory landscape. JPMorgan Chase & Co.’s decision to discontinue the use of proxy advisory firms in favor of an internal, AI-driven voting platform, combined with escalating regulatory, legislative, and enforcement activity targeting the industry, signals heightened scrutiny of the role and influence of proxy advisors in U.S. capital markets. In this alert, we examine JPMorgan’s move, the broader regulatory and political backdrop, and what these developments may mean for plan fiduciaries, asset managers, and public companies navigating proxy voting and governance decisions in a rapidly evolving environment. 

Benefits Blast

|

February 3, 2026

|

3 Min Read

Group Health Plans Must Update HIPAA Notices by February 16 to Address New SUD Privacy Rules

Covered entities, including group health plans, must update and distribute their Health Insurance Portability and Accountability Act of 1996 (HIPAA) Notice of Privacy Practices (NPP) by February 16, 2026, to comply with new rules for handling substance use disorder ) records.

View All Insights & News

Other Results 75 results

Law Glossary

What Is Privacy Compliance Law?

The area of privacy compliance law addresses how organizations meet legal and regulatory requirements for collecting, processing, or maintaining personal information. Data privacy breaches can lead to regulatory investigations and fines. When privacy is compromised, consumers or employees may respond with civil lawsuits. It is recommended, but not required by a federal law, that companies create and post privacy policies on websites and mobile apps. Once posted, companies must follow these policies or face scrutiny by the Federal Trade Commission. (California and Delaware state law does require privacy policies to be posted on websites and mobile applications, if the site collects personally identifiable information)....Read more

Law Glossary

What Is Data Breach and Data Security Law?

Within 48 U.S. states and the District of Columbia, data breach and data security laws require organizations and government agencies to provide notifications of security breaches when they involve personally identifiable information. Companies may also be required by state data breach laws to act to minimize the effects of a breach. The FTC can investigate companies that do not adhere to their stated privacy policies and do not have safeguards to protect customer data, but no broad federal law exists regarding breach notifications. However, these U.S. data security laws and government agency rules are enforced:...Read more

Law Glossary

What Is the General Data Protection Regulation (GDPR) Law?

The European Union General Data Protection Regulation (GDPR) law is an act, applied across the Union, which directs data privacy. The GDPR law is designed to protect the data privacy of all EU citizens and guide organizational approaches to handling data, as well as transferring it across borders. Under the GDPR, breach notification is mandatory within 72 hours if the breach is likely to “result in a risk for the rights and freedoms of individuals.” The GDPR applies to organizations within the EU as well as those outside of the EU if they offer goods or services to European citizens. It also applies to organizations that monitor the behavior of data subjects online....Read more
Logo
facebookinstagramlinkedintwitteryoutube

Copyright © 2026. Winston & Strawn LLP

AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising