Jim is a partner in the Technology, Privacy & IP Transactions Group and co-chairs the firm’s Privacy & Security task force. His practice leverages both his experience in board level technology and outsourcing projects and his experience in sophisticated privacy, security and network intrusion issues.
Jim has worked on numerous transformative technology initiatives, including a range of IT, BPO, HR, F&A, facilities management, ERP, cloud, ecommerce/online, open source and social media engagements. Privacy and security are central issues in nearly every technology and data centric initiative in Jim’s practice. Accordingly, he has worked extensively with clients on privacy and security issues and initiatives for a number of years, including having founded the firm’s privacy task force in 1998, which was the same year he wrote one of the first U.S. articles on the EU Data Directive. This includes extensive work on behalf of financial services, health care, telecommunications and other regulated companies, retailers, online advertising issues and international data transfer issues.
His practice also involves security breach management and response, including everything from notification of the affected individuals, to e-discovery and internal investigations and law enforcement issues. Jim worked with a number of partners to form the firm’s Security Incident Management and Response Team, a unique team devoted to cyber and security crisis management and response.
Privacy and Data Security
- Represented a leading payment processing company in all phases of unauthorized intrusion into their network and all associated third party actions and proceedings.
- Assisting an international retailer in a comprehensive overhaul of its privacy, security, PCI and data management practices, while counseling the company in an FTC and multiple state attorneys general investigations.
- Advising one of the world’s largest interactive marketing providers in an international criminal network intrusion involving records of more than 60 million individuals worldwide.
- Advising one of the world's largest Internet and email concerns on its implementation of safe harbor compliance obligations with its worldwide network of edge network providers.
- Assisting one of the world's largest investment banks in its implementation of the Red Flag Rules.
- Advising a major retailer in a breach involving more than 1 million names and social security numbers in all fifty states.
- Assisting an offshore multinational bank and financial services entity on its data gathering, use and transfer compliance program spanning 10 jurisdictions and three continents, including the EU.
- Assisting one of the world’s largest private companies in design, development and compliance initiatives for a consolidated data base of employee information for more than 700 subsidiary companies in more than 20 countries.
- Multiple comprehensive outsourcings and renegotiations of IT and processing infrastructure on behalf of Fortune 100/500 members, spanning multiple source and destination jurisdictions and continents.
- Representation of a UK private equity investment group in the acquisition of a U.S.-based outsourcing provider in the health care space and subsequent move of substantially the entire service delivery infrastructure offshore.
- Representation of one of the world's largest hybrid public-private banking concerns in the integration and license of a comprehensive Enterprise Resource Planning system involving operations in at least 23 countries.
- Representation of one of the world's largest money managers in the "transfer" portion of a Build/Operate/Transfer transaction, addressing tax, benefits, intellectual property and other issues arising in moving approximately 500 FTEs from a niche provider's facilities in a Software Technology Park in India to a newly created Special Economic Zone.
- Unique BPO transaction on behalf of a Fortune 200 insurer, sourcing novel and core aspects of regulated activities to an Indian service provider.
- Representation of a state agency in its acquisition of development and fiscal agent services in a Medicare/Medicaid implementation processing approximately $12 billion per year in health care related payments.
- Multiple comprehensive and single-process HR transactions, including one transaction involving 43 client jurisdictions and two of the largest five HR transactions during 2009 and 2010.
- Multiple applications development and maintenance and business process transactions, including finance and administration, transaction processing, procurement and customer care transactions (onshore, offshore and near-shore, including jurisdictions as diverse as Canada, Ireland, Ghana, Guatemala, India, Philippines, Vietnam, China, Rumania and Poland).
This advisory discusses new Federal Trade Commission (FTC) guidance for advertising online. Entitled “.com Disclosures: How to Make Effective Disclosures in Digital Advertising,” the new guidance comes in response to consumers’ growing use of mobile devices and social media applications, and advertisers’ efforts to reach consumers via these new devices and media. The FTC’s guidance emphasizes that the same consumer protection laws that apply to traditional advertising also apply to online advertising. The FTC issued the guidance, however, to address some of the unique advertising issues that arise in advertising on mobile devices and in social media.
March 26, 2013
Yesterday, the White House released an Executive Order titled “Improving Critical Infrastructure Cybersecurity” (the “Order”). The Order was signed by the President yesterday and announced during his State of the Union Address. The Order represents an attempt by the President, frustrated by a lack of Congressional action, to improve a perceived vulnerability to cyber attacks within the Nation’s critical infrastructure.
This cyber alert, presented in a “frequently asked questions” format, summarizes several key aspects of the Order.
February 13, 2013
Distributed Denial-of-Service (DDoS) attacks are not a new method employed by cyber criminals to inflict damage on victim entities’ networks. In fact, DDoS attacks were one of the first types of online crimes to appear in the dawn of the Internet age. In the past several years, however, cyber threat actors have rekindled this attack to produce two new variants, both of which specifically target the financial services sector.
February 12, 2013
December 22, 2011
- Recognized for a number of years as one of “America's Best Lawyers” for information technology matters.
- Recognized for a number of years as one of America's leading lawyers in business process outsourcing by Chambers USA.
- Active participant in the Free Software Foundation's efforts to develop version 3.0 of the General Public License.
- Current (and former) chairperson of the Technology Section of the State Bar of Georgia
- Member of the Intellectual Property Section
- Recognized as one of Georgia’s “Super Lawyers” for a number of years.
- Recognized as one of Georgia’s “Best Lawyers”
- Selected as an “IP Star” by Managing IP for 2013
- Member, Phi Beta Kappa
- Member, Board of Trustees, Atlanta International School