Internet law goes from boutique to mainstream
By Catherine Ho,
When Stuart Ingis graduated from law school in 1997 — around the time the Internet began taking shape as a mainstream commercial vehicle — he could count on one hand the number of attorneys who specialized in Internet law and policy.
“There were literally two lawyers in the whole country who did that,” said Ingis, co-chairman of the privacy and data security practice at Venable in Washington. “Flash forward to today, every firm in the country has or wants to have a privacy practice. And it’s really a data practice. You have whole bunch of new businesses where a lot of the growth is about figuring out how to use data better, how to store data, where to store it, and who can access it ... What had been a boutique practice with a narrow focus [has become] one that is very mainstream.”
Venable is among many law firms expanding their data privacy capabilities to accommodate growing demand for legal services from social media, mobile, Internet and digital advertising companies scrambling to make sense of — and capitalize on — data on consumer spending habits, traffic patterns and population changes.
For lawyers such as Ingis, that means helping those businesses navigate emerging legal issues such as whether the government can access a company’s data, what happens to data if a cloud provider goes bankrupt and the legal bounds of using data for marketing.
But for law firms, growth isn’t just happening within data privacy groups. Clients in data-related industries also generate legal work in traditional areas like employment, contracts, intellectual property and litigation, Ingis said.
“Traditional legal services are being applied in these new industries,” he said. “In areas where the legal markets are slowing down, we see this as an area of continued growth.”
Covington & Burling, the region’s largest law firm, has gone from maintaining a relatively small privacy practice in the 1990s to having 50 lawyers worldwide — about 30 of whom are in Washington — focused primarily on privacy.
“The level of attention and sophistication companies are giving privacy and data security has escalated dramatically over the years,” said Kurt Wimmer, U.S. chairman of Covington’s global privacy and data security group. “It’s a response to the increasing attention regulators, plaintiffs lawyers, Congress and everyone else is giving privacy these days.”
(The Washington Post is a client of Covington.)
“Our practice is certainly growing because privacy and data security issues are getting C-suite attention in ways they haven’t before,” said Chris Wolf, head of data privacy and information management at Hogan Lovells. “There’s enormous scrutiny on the collection, use, retention and sharing of data, especially on use of data in ways that’s a surprise for people from whom it was collected. We see that manifested in enforcement actions from regulators and proposals for strict new rules.”
Wolf has represented companies under government investigation for their privacy practices, including Sony BMG and data aggregator ChoicePoint, and defended Apple in a consumer privacy class action lawsuit. The firm is now working with public utilities on “smart grid” projects that aim to collect data to deliver energy efficiently.
Smaller law firms are also emerging as experts in the area. ZwillGen, the nine-lawyer Washington firm that specializes in Internet and privacy law, recently hired the top in-house lawyer at Rapleaf, a San Francisco consumer data aggregator, to lead its new big data practice.
Ken Dreifach, who remains general counsel at Rapleaf, will be based out of New York and will work with Web services providers, marketers and companies that collect data.
The growth in this area of law is what Dreifach describes as “data governance” — figuring out what the rules are in a field that’s constantly changing.
“Sending data to different platforms, figuring out what the data means, who’s doing what, who’s tracking it … the rules are still being worked out and are evolving,” he said. “There have always been law practices that have addressed data privacy. But there’s this new area of practice, big data, that in the last year or two addresses the evolution of how data is being used. It’s changing quickly.”