Site Search
Professionals 284 results
Capabilities 77 results
Practice Area
Winston takes a strategic approach to privacy and data security, integrating our extensive capabilities across practices to provide our clients with cutting-edge privacy and data security counseling, crisis management, security incident investigation and notification management, defense of data security class action litigation and regulatory inquiries, and international data protection. Our Global Privacy & Data Security Practice features a core team of privacy professionals and is bolstered by more than 40 attorneys from a variety of other disciplines firmwide. Our team combines compliance counselors, transactional lawyers, former government regulators and federal prosecutors, seasoned investigators, and experienced litigators. Few firms can rival our in-depth, sophisticated, and integrated experience in this area.
Practice Area
Industry
Development & Protection of AI Technologies
Our Intellectual Property (IP) and Privacy teams work closely together to counsel clients in building, protecting, and commercializing proprietary AI technologies and data; the use of third party or open source AI technologies and data; and the implications that these activities may have under privacy laws.
Experience 43 results
Experience
|November 26, 2025
Winston & Strawn Represented CFS Brands in its Acquisition of Cornerstone Foodservice Group
Winston represented CFS Brands, a portfolio company of TJC, in its acquisition of Cornerstone Foodservice Group, a global leader in foodservice equipment serving both front- and back-of-house applications through a portfolio of established, innovative brands.
Experience
|November 19, 2025
Blockfusion Enters into Business Combination with Blue Acquisition Corp.
Winston & Strawn LLP represents Blockfusion, the owner-operator of a strategically located, clean-energy-powered data center, in its announced business combination with Blue Acquisition Corp., a publicly traded special purpose acquisition company. The transaction attributes a pre-money equity value of approximately USD 450 million to Blockfusion and would result in Blockfusion becoming a publicly traded company upon listing.
Experience
|July 31, 2025
Nscale Forms $1 Billion AI Data Center Joint Venture with Aker
Winston & Strawn LLP represented Nscale Global Holdings Ltd. in connection with the formation of a 50/50 joint venture with Aker ASA to develop Stargate Norway, a $1 billion AI data center project in partnership with OpenAI. The facility will be located near Narvik, Northern Norway, and will be powered entirely by renewable hydropower.
Insights & News 3,280 results
Webinar
|December 17, 2025
Privacy Problems Webinar Series
Join the Winston & Strawn Global Privacy and Data Security Practice team for a conversation on emerging privacy trends to have on your radar as we approach the New Year. Topics will include a discussion of strategies companies can take to protect themselves against a wave of burgeoning claims under California’s Shine the Light Law, recent trends in wiretap lawsuits arising from online website monitoring and email tracking practices (hint: looking at you, Florida), and insights on why companies should pay close attention to commercial email subject lines sent to Washington recipients.
Speaking Engagement
|December 11, 2025
Bobby Malhotra Speaks on Legal Data Intelligence Webinar
Bobby Malhotra, chair of Winston’s eDiscovery & Information Governance Practice, will be a panelist on the “Legal Data Intelligence: Turning Contract Management into a Strategy for Business Enablement” webinar. Join Bobby for an in-depth discussion on how Legal Data Intelligence can transform contract management into a strategic driver for business enablement. This CLOC webinar will explore practical approaches to leveraging data, technology, and process improvements to accelerate business outcomes and reduce risk.
Product Liability & Mass Torts Digest
|December 9, 2025
|3 Min Read
From Credibility to Admissibility: Reblending the Expert Playbook Under Rule 702
The recent decision in Mendoza v. SharkNinja Operating, LLC by the District of Colorado offers a practical illustration of how federal courts are applying the heightened reliability standard under the 2023 amendments to Rule 702.
Other Results 110 results
Law Glossary
What Is the General Data Protection Regulation (GDPR) Law?
The European Union General Data Protection Regulation (GDPR) law is an act, applied across the Union, which directs data privacy. The GDPR law is designed to protect the data privacy of all EU citizens and guide organizational approaches to handling data, as well as transferring it across borders. Under the GDPR, breach notification is mandatory within 72 hours if the breach is likely to “result in a risk for the rights and freedoms of individuals.” The GDPR applies to organizations within the EU as well as those outside of the EU if they offer goods or services to European citizens. It also applies to organizations that monitor the behavior of data subjects online.
Law Glossary
What Is Cross-Border Data Protection Law?
A cross-border data protection law involves the safe movement of electronic, personal data around the world. The European Union currently has a cross-border data protection law called the General Data Protection Regulation, which replaces the EU’s Data Protection Directive 95/46/EC.
Law Glossary
What Is Data Breach and Data Security Law?
Within 48 U.S. states and the District of Columbia, data breach and data security laws require organizations and government agencies to provide notifications of security breaches when they involve personally identifiable information. Companies may also be required by state data breach laws to act to minimize the effects of a breach. The FTC can investigate companies that do not adhere to their stated privacy policies and do not have safeguards to protect customer data, but no broad federal law exists regarding breach notifications. However, these U.S. data security laws and government agency rules are enforced: