small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
Site Search

Capabilities 78 results

Practice Area

Privacy & Data Security

Winston takes a strategic approach to privacy and data security, integrating our extensive capabilities across practices to provide our clients with cutting-edge privacy and data security counseling, crisis management, security incident investigation and notification management, defense of data security class action litigation and regulatory inquiries, and international data protection. Our Global Privacy & Data Security Practice features a core team of privacy professionals and is bolstered by more than 40 attorneys from a variety of other disciplines firmwide. Our team combines compliance counselors, transactional lawyers, former government regulators and federal prosecutors, seasoned investigators, and experienced litigators. Few firms can rival our in-depth, sophisticated, and integrated experience in this area....Read more

Practice Area

Trademark Litigation, Prosecution & Brand Protection

Industry

Development & Protection of AI Technologies

Our Intellectual Property (IP) and Privacy teams work closely together to counsel clients in building, protecting, and commercializing proprietary AI technologies and data; the use of third party or open source AI technologies and data; and the implications that these activities may have under privacy laws....Read more

Experience 43 results

Experience

|

November 26, 2025

Winston & Strawn Represented CFS Brands in its Acquisition of Cornerstone Foodservice Group

Winston represented CFS Brands, a portfolio company of TJC, in its acquisition of Cornerstone Foodservice Group, a global leader in foodservice equipment serving both front- and back-of-house applications through a portfolio of established, innovative brands. ...Read more

Experience

|

November 19, 2025

Blockfusion Enters into Business Combination with Blue Acquisition Corp.

Winston & Strawn LLP represents Blockfusion, the owner-operator of a strategically located, clean-energy-powered data center, in its announced business combination with Blue Acquisition Corp., a publicly traded special purpose acquisition company. The transaction attributes a pre-money equity value of approximately USD 450 million to Blockfusion and would result in Blockfusion becoming a publicly traded company upon listing....Read more

Experience

|

July 31, 2025

Nscale Forms $1 Billion AI Data Center Joint Venture with Aker

Winston & Strawn LLP represented Nscale Global Holdings Ltd. in connection with the formation of a 50/50 joint venture with Aker ASA to develop Stargate Norway, a $1 billion AI data center project in partnership with OpenAI. The facility will be located near Narvik, Northern Norway, and will be powered entirely by renewable hydropower....Read more
View All Experience

Insights & News 3,260 results

Client Alert

|

February 19, 2026

|

4 Min Read

Upcoming Registration and Reporting Deadlines for VC Funds with CA Nexus

Under California’s Fair Investment Practices by Venture Capital Companies Law (the FIPVCC), venture capital funds with a nexus to California (Covered Entities) will be required to register with the California Department of Financial Protection & Innovation (the DFPI) starting in March 2026 and report demographic information about their portfolio companies to the DFPI starting in April 2026. The purpose of the FIPVCC is to increase transparency regarding the demographics of the founding teams of the portfolio companies in which Covered Entities invest.

Global Trade & Foreign Policy Insights

|

February 19, 2026

|

9 Min Read

United States Issues Significant New Sanctions Relief for Venezuela’s Oil & Gas Sector

Although Venezuela remains subject to sanctions targeting the Government of Venezuela (GoV) and entities in which it holds a 50% or greater ownership interest, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has issued a series of General Licenses (GLs) representing the broadest easing of Venezuela-related sanctions in years.

Investigations, Enforcement, & Compliance Alerts

|

February 18, 2026

|

3 Min Read

Beyond the CMMC: New Cybersecurity Assessments for Government Contractors

The General Services Administration (GSA) recently announced changes to procedural guidance that may affect contractor eligibility for GSA contracts. GSA issued the IT Security Procedural Guide: Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations Process CIO-IT Security-21-112, which set out a cybersecurity framework for protecting CUI that is similar to the Cybersecurity Maturity Model Certification (CMMC) for DoD contracts. 

View All Insights & News

Other Results 106 results

Law Glossary

What Is the General Data Protection Regulation (GDPR) Law?

The European Union General Data Protection Regulation (GDPR) law is an act, applied across the Union, which directs data privacy. The GDPR law is designed to protect the data privacy of all EU citizens and guide organizational approaches to handling data, as well as transferring it across borders. Under the GDPR, breach notification is mandatory within 72 hours if the breach is likely to “result in a risk for the rights and freedoms of individuals.” The GDPR applies to organizations within the EU as well as those outside of the EU if they offer goods or services to European citizens. It also applies to organizations that monitor the behavior of data subjects online....Read more

Law Glossary

What Is Cross-Border Data Protection Law?

A cross-border data protection law involves the safe movement of electronic, personal data around the world. The European Union currently has a cross-border data protection law called the General Data Protection Regulation, which replaces the EU’s Data Protection Directive 95/46/EC....Read more

Law Glossary

What Is Data Breach and Data Security Law?

Within 48 U.S. states and the District of Columbia, data breach and data security laws require organizations and government agencies to provide notifications of security breaches when they involve personally identifiable information. Companies may also be required by state data breach laws to act to minimize the effects of a breach. The FTC can investigate companies that do not adhere to their stated privacy policies and do not have safeguards to protect customer data, but no broad federal law exists regarding breach notifications. However, these U.S. data security laws and government agency rules are enforced:...Read more
Logo
facebookinstagramlinkedintwitteryoutube

Copyright © 2026. Winston & Strawn LLP

AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising