Jon Neiditz and Amanda Witt have joined Kilpatrick Townsend & Stockton as partners from Nelson Mullins Riley & Scarborough, in a move to address the rapidly developing legal areas of information security and big data.

Neiditz handles privacy law and information security, including data breaches. He is interested in the emerging areas of big data and privacy-by-design, where a company builds privacy prompts into the technology of a mobile app or other product, so the user can choose how much information to disclose.

Witt handles tech licensing and procurement contracts, with a focus on cloud-based data services, outsourcing and, with Neiditz, privacy law.

Both have joined Kilpatrick’s global sourcing and technology team. The two said they were looking for a firm with a deep bench of patent lawyers and a Silicon Valley presence. That is the firm Kilpatrick became after its 2011 merger with San Francisco intellectual property firm Townsend and Townsend and Crew.

"I had a great experience at Nelson Mullins," Neiditz said. He and Witt joined Nelson Mullins in 2008 from Locke Lord.

Neiditz sees the move to Kilpatrick as a way to start a next-generation information security practice, bringing together privacy and patent lawyers to collaborate on big data management and products incorporating privacy-by-design. "I have an incredible opportunity to develop a big data law and privacy security practice here," Neiditz said. "This is the forefront of 21st century information law."

Neiditz currently counsels clients on data security and helps handle data breaches. He wants to develop a practice advising companies on using their data as an asset, the way that companies now view intellectual property as an asset.

He’s also interested in the blue-sky area of privacy-by-design, advising clients how to incorporate privacy prompts into the technology of a new product. "That’s something I hope to create," he said.

Neiditz started out handling privacy and information security law for the health care industry. In 2005 he advised one of the credit card companies after a third-party payment processor, CardSystems Solutions Inc., was hacked in Tucson, Ariz., in a data breach affecting up to 40 million card-holders.

"Those of us in the information security field knew the dam was going to break with that," Neiditz said. At the time, California was the only state requiring businesses to notify customers of security breaches, he said. After the CardSystems hack, he said, data breach laws rapidly went into effect, making leaks a bigger legal issue.

Since then he’s been handling two or three data breaches per week, he said. Neiditz declined to name clients with data breaches to protect their privacy.

In 2011 Neiditz handled the largest data breach of his career after Nelson Mullins was retained by the state of South Carolina to advise on a massive breach of tax information. The state’s Department of Revenue discovered last fall that hackers had swiped data belonging to 6.4 million citizens and businesses.

"The South Carolina breach has been a wakeup call for a lot of states," said Neiditz. "In this day and age all systems are vulnerable and most systems are infected."

Neiditz is global privacy counsel for Georgia-Pacific and other large Atlanta companies. He also works with tech startups, including a company that offers a secure record-less messaging service, where the message disappears after it is read.

"You can imagine how controversial that is," Neiditz said. "I like working with disruptive technology."

Neiditz’s enthusiasm was palpable as he described his vision for his practice. He was energized after a weekend in Las Vegas at Kilpatrick’s annual partners retreat, where he was able to talk to many of the firm’s California IP lawyers, and he’s already started a blog for Kilpatrick called Big Data Tech Law.

Just as companies have come to regard their intellectual property as an asset and hire patent lawyers to advise them on their intellectual property portfolio, Neiditz said, they are realizing the pools of customer data they possess are also a potential asset.

"That is where the money is going to be in the long term—in the data itself," he said.

Neiditz decided he needed to team with IP lawyers who have expertise structuring complex ownership relationships and rights in intellectual property transactions and use that expertise for big data deals.

Neiditz said patent lawyers are the only lawyers who think about incorporating privacy into the design of a product—and Kilpatrick has a whole lot of patent lawyers.

He envisions collaborating with them to help clients design technology products, such as mobile payment systems or apps, that are mindful of the user’s privacy.

Instead of having customers agree to a long privacy notice written in microscopic print, privacy-by-design technology incorporates prompts into software for a mobile device or other product asking users if they want to disclose information such as their location.

Building privacy by design into the technology is where regulators are going, Neiditz added.

Witt works with Neiditz on privacy matters and applies her information security expertise to tech contracting and licensing, which makes up the bulk of her practice.

She started out in corporate finance at Hunton & Williams but after Sept. 11, 2001, she moved to Belgium to earn an LLM in international intellectual property, learning European Union law from the EU perspective.

Witt said Kilpatrick is a good fit for where she wants to take her practice because of its strength in IP and tech law, as well as the California presence.

Most mobile advertising and payments companies, which are among her client base, are based in Silicon Valley, she said, because that’s where the investors are.

"Kilpatrick offered the opportunity to join a very sophisticated IP contracting and outsourcing practice," Witt said. Several of her clients are expanding into international markets, she said, so the practice’s global nature was appealing.

One client, which provides the backend cloud data center for alarm companies, is offering its U.S.-based cloud data service to European companies. It also is broadening from serving burglar alarm companies to those in energy management, which use sensors to control temperature and lights in a building.

European Union privacy laws come into play, which Witt said are more restrictive than in the U.S. and still vary from country to country.

"They don’t like the big data idea," she said, explaining that European privacy laws are aimed at having companies collect only the data they need, hold it only as long as needed and then destroy it. "They view privacy as a fundamental human right."

Heavily regulated industries such as banking and health care face complex privacy and security regulations, which become even more complex in cross-border transactions.

"It gets very complicated with any data coming to and from Europe," she said. "We’re going to see more of these privacy issues come up in cross-border tech transactions. The data is so critical to companies that they can’t afford to have breaches."

Briefly

Sarah Jurkiewicz has joined Locke Lord from Fincher & Jurkiewicz as senior counsel. Jurkiewicz joined the firm’s real estate and finance practice and handles commercial real estate transactions.


Georgia Supreme Court Justice Harold Melton is the special guest of Warner, Bates, McGough & McGinnis on May 9 at a reception for Auburn alumni and friends. Melton, a 1988 Auburn University graduate, will join Auburn’s general counsel, Jon Wagonner, and members of the Auburn mock trial team for the gathering, which is from 5 p.m. to 7 p.m. at the family law firm’s office at 3350 Riverwood Pkwy. All are welcome, even University of Florida graduates. Call the firm at 770-951-2700 to attend.