Michael La Marca’s practice focuses on privacy and cybersecurity issues. Mike advises multinational clients on compliance with all federal, state and international privacy and data security laws, and managing privacy and cybersecurity risks and policy issues.
He also regularly assists companies with developing and implementing their information security programs and addressing related governance issues. Mike has managed several large-scale cybersecurity incidents, including advising on data breach response and notification obligations.
He also regularly assist clients with negotiating and drafting privacy and data security terms in commercial contracts and M&A transactions. Mike is a certified information privacy professional (CIPP/US) by the International Association of Privacy Professionals (IAPP).
In addition, Mike maintains an active pro bono practice. He has represented pro bono clients in criminal appeals and special education matters and has advised a variety of issues, including trademark, copyright and cybersquatting disputes; privacy and cybersecurity obligations; and US national security policies and regulations.
Experience:
- Advising numerous clients on compliance with the California Consumer Privacy Act of 2018 (CCPA), including conducting due diligence, preparing gap analyses, developing remediation plans, and undertaking compliance projects.
- Represents a large financial services and communications company on global privacy and data security matters, including providing privacy compliance advice, advising on the New York State Department of Financial Services cybersecurity regulations, assisting with building a GDPR compliance program, and assisting with a large data security incident.
- Assists a global retail and technology company with a recent cybersecurity incident affecting approximately 150 million user accounts, handling response efforts including notification, follow-up investigations by regulators and data protection authorities, and resulting litigation.
- Advises multinational financial services companies on privacy and cybersecurity due diligence issues.
- Advises a large manufacturing company on myriad privacy and cybersecurity issues, including certification to the EU-US Privacy Shield.
- Advises technology companies, retailers, consumer goods companies and financial institutions on data breach and cybersecurity incident response, including preparation of required notifications pursuant to state breach notification laws, call center training and development of media strategies.
- Provides advice on cybersecurity risks, including proactive breach readiness activities such as developing data breach toolkits, reviewing incident response plans and preparing tabletop exercises.
- Drafts comprehensive data security policies, standards and procedures in connection with corporate information security programs.
- Advises clients on their international data transfer strategies, including certification to the EU-US Privacy Shield.
EDUCATION:
- JD, Duke University School of Law, 2012
- MA, Political Science, Concentration in Security Studies, Duke University, 2012
- BA, Political Science, Colgate University, magna cum laude, 2008
BAR ADMISSIONS:
- New Jersey
- New York
Cost
Rate : $$$
