small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
Site Search

Capabilities 83 results

Practice Area

Privacy & Data Security

Winston takes a strategic approach to privacy and data security, integrating our extensive capabilities across practices to provide our clients with cutting-edge privacy and data security counseling, crisis management, security incident investigation and notification management, defense of data security class action litigation and regulatory inquiries, and international data protection. Our Global Privacy & Data Security Practice features a core team of privacy professionals and is bolstered by more than 40 attorneys from a variety of other disciplines firmwide. Our team combines compliance counselors, transactional lawyers, former government regulators and federal prosecutors, seasoned investigators, and experienced litigators. Few firms can rival our in-depth, sophisticated, and integrated experience in this area....Read more

Practice Area

Privacy: Regulated Personal Information (RPI)

Winston’s Regulated Personal Information (RPI) Practice offers seamlessly integrated counseling and litigation services to companies looking for practical and solution-oriented assistance navigating the compliance, regulatory, and private class action enforcement risks presented by the emerging patchwork of complex (and often conflicting) privacy laws in the United States and beyond....Read more

Practice Area

Securities, M&A & Corporate Governance Litigation

In today’s market, litigators with experience in securities, corporate governance, and M&A-related (collectively, “securities litigation”) matters need to leverage their broad experience to serve as both advocate and as counsel and strategist, focused on helping clients to overcome not just a legal issue but a collective business problem. Given the frequent interplay between things such as corporate-control transactions, public offerings, activist shareholders, the use of complex derivatives and other financial instruments, bad news impacting stock performance, regulatory inquiries and investigations, and insurance coverage, strategic and tactical litigation decisions can have a wide-ranging impact on the success of a given transaction, as well as on companies, their boards, senior management, and advisors....Read more

Experience 253 results

Experience

|

February 4, 2026

Ventus Industrial Partners and Aeron Defense acquisition of General Tool Company and Magna Machine Company

A Winston & Strawn deal team led by Partners Justin Levy in New York and Paul Amiss in London advised Aeron Defense, a newly formed defense platform established by Ventus Industrial Partners in partnership with GenNx360 Capital Partners and Admiralty Partners, on its acquisition of defense contracting specialists General Tool Company and Magna Machine Company....Read more

Experience

|

February 2, 2026

Ventus Industrial Partners and Aeron Defense acquisition of General Tool Company and Magna Machine Company

A Winston & Strawn deal team led by Partners Justin Levy in New York and Paul Amiss in London advised Aeron Defense, a newly formed defense platform established by Ventus Industrial Partners in partnership with GenNx360 Capital Partners and Admiralty Partners, on its acquisition of defense contracting specialists General Tool Company and Magna Machine Company....Read more

Experience

|

January 27, 2026

PayPal Successfully Invalidates Asserted Claims of Secure Payment Transaction Patent Under 35 U.S.C. § 101

Winston & Strawn secured a decisive victory for PayPal in an intellectual property dispute brought by Irish non-practicing entity Internet Payment Patents LTD (IPPL). Magistrate Judge Susan van Keulen of the Northern District of California entered final judgment in PayPal’s favor, finding all asserted patent claims ineligible under 35 U.S.C. § 101 and granting PayPal’s motion to dismiss without leave to amend....Read more
View All Experience

Insights & News 4,686 results

Client Alert

|

February 19, 2026

|

4 Min Read

Upcoming Registration and Reporting Deadlines for VC Funds with CA Nexus

Under California’s Fair Investment Practices by Venture Capital Companies Law (the FIPVCC), venture capital funds with a nexus to California (Covered Entities) will be required to register with the California Department of Financial Protection & Innovation (the DFPI) starting in March 2026 and report demographic information about their portfolio companies to the DFPI starting in April 2026. The purpose of the FIPVCC is to increase transparency regarding the demographics of the founding teams of the portfolio companies in which Covered Entities invest.

Investigations, Enforcement, & Compliance Alerts

|

February 18, 2026

|

3 Min Read

Beyond the CMMC: New Cybersecurity Assessments for Government Contractors

The General Services Administration (GSA) recently announced changes to procedural guidance that may affect contractor eligibility for GSA contracts. GSA issued the IT Security Procedural Guide: Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations Process CIO-IT Security-21-112, which set out a cybersecurity framework for protecting CUI that is similar to the Cybersecurity Maturity Model Certification (CMMC) for DoD contracts. 

Benefits Blast

|

February 17, 2026

|

9 Min Read

New Transparency Requirements for Pharmacy Benefit Managers: What Group Health Plan Sponsors Need to Know

Recent developments at the federal legislative and regulatory levels signal a significant shift toward greater transparency requirements in the pharmacy benefit management (PBM) industry.

View All Insights & News

Other Results 123 results

Law Glossary

What Is Data Breach and Data Security Law?

Within 48 U.S. states and the District of Columbia, data breach and data security laws require organizations and government agencies to provide notifications of security breaches when they involve personally identifiable information. Companies may also be required by state data breach laws to act to minimize the effects of a breach. The FTC can investigate companies that do not adhere to their stated privacy policies and do not have safeguards to protect customer data, but no broad federal law exists regarding breach notifications. However, these U.S. data security laws and government agency rules are enforced:...Read more

Law Glossary

What Is Data Security Law?

Though the U.S. has not passed legislation dealing solely with data security law, organizations are expected to safeguard sensitive information and establish privacy policies. Legislation addressing specific types of sensitive data is found within various U.S. laws, such as the Gramm-Leach-Bliley Act....Read more

Law Glossary

What Is Online Privacy?

The definition of online privacy is the level of privacy protection an individual has while connected to the Internet. It covers the amount of online security available for personal and financial data, communications, and preferences. Internet users often attempt to increase online privacy through anti-virus software, strong password choices, turning off tracking, reviewing site security, and opting for stricter privacy settings. Risks to online privacy range from phishing scams to malware, while problems with website security may result in identity theft....Read more
Logo
facebookinstagramlinkedintwitteryoutube

Copyright © 2026. Winston & Strawn LLP

AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising