Privacy Advisory and Compliance


White & Case provides tailored privacy and data protection compliance advice, setting out practical guidance on how to minimize compliance risks in this area. Because regulatory requirements can often impose restrictions on certain business activities, we focus on finding pragmatic and effective solutions that can be implemented with minimum business interruption.

Our advice spans the full range of privacy and data protection compliance issues, including:

  • Compliance with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA) and other US state data privacy laws, the Health Insurance Portability and Accountability Act (HIPAA), the Telephone Consumer Protection Act (TCPA), the Children's Online Privacy Protection Act (COPPA), the Gramm Leach Bliley Act (GLBA) and similar regulations around the world
  • Applications for Binding Corporate Rules (BCR), the EU-US Data Privacy Framework and its UK and Swiss equivalents, and the APEC Cross Border Privacy Rules System
  • Due diligence and warranty negotiation for M&A, investments, public offerings and joint ventures
  • Data breach investigation and reporting
  • Requests from individuals and regulators
  • Internal and external privacy policies, procedures, and notices
  • Internal compliance and investigations
  • Employee privacy guidelines and procedures
  • Legitimate interests assessments
  • Data protection impact assessments
  • Data transfer impact assessments
  • Data processing agreements
  • Data transfer agreements
  • Data protection registrations


Providing full coverage

The White & Case Data, Privacy & Cybersecurity team also specializes in the following areas:

Cybersecurity advisory and compliance

Privacy and cybersecurity litigation

Incident response

AI regulatory

Content and non-privacy data regulation


Client Resources

Visit our Thought Leadership page

Visit our US Data Privacy Guide page

Visit our GDPR Handbook: Unlocking the EU General Data Protection Regulation page

Visit our GDPR Guide to National Implementation page


View all lawyers in Data, Privacy & Cybersecurity