The Debevoise Data Strategy & Security (DSS) practice is global and interdisciplinary—combining our cybersecurity, privacy, artificial intelligence, business continuity, M&A diligence and data governance practices into one fully integrated and coordinated group.Together, we advise leading companies on responding to ransomware and other cybersecurity events, including regulatory inquiries and civil litigation. We also advise our clients on their overall data strategy, including how to manage, protect, and optimize their data, including through the use of artificial intelligence. Our strategic advice includes both legal and technical assistance with the data issues that arise in M&A diligence, licensing and vendor contracting. In addition, we help our clients determine what data they should delete or not collect because of cybersecurity, privacy or other risks.Our integrated strategic advice on data includes:

Helping clients across the globe prepare for, and respond to, significant data breaches and related investigations and litigation. In addition to our U.S. offices, we serve clients from offices strategically located in the United Kingdom, France, Germany, Russia, China, and Hong Kong. We also regularly work on matters that involve a wide range of other non-U.S. jurisdictions, including the EU and EEA, Japan, Singapore, Brazil, Canada, Colombia and Argentina, to name a few.

Identifying existing and proposed laws and standards in the United States and around the world that will impact our clients’ use of data, including regulations and guidance relating to cybersecurity, privacy, AI, data minimization, records retention, document discovery and data governance.

Because we are constantly leading responses to significant cyber, privacy and AI incidents, we are able to channel that deep experience into helping our clients improve their preparations and resilience. Based on our incident work, we regularly assess our clients’ Incident Response Plans, policies, processes, training and resources, and make suggestions to allow them to more effectively respond to the latest cybersecurity, privacy and AI challenges that they face.Ethical Use of AI and the Emerging Legal Landscape22 September 2022Avi GesserSpecial Discussion with CT Insurance Commissioner Andrew Mais on AI and Big Data19 August 2022Eric Dinallo, Avi GesserNYDFS Draft Amendments to Part 500 Cybersecurity Rules5 August 2022Eric Dinallo, Luke Dembosky, Avi Gesser, Erez Liebermann, Charu ChandrasekharWhat the Recent California Bulletin Means for AI and Big Data Regulation15 July 2022Eric Dinallo, Avi Gesser, Erez Liebermann, Anna GresselEpisode 17: AI Oversight Obligations for Directors24 May 2022Avi Gesser, William D. Regner, Anna R. GresselPart III: Artificial Intelligence and Discrimination in the Insurance Industry20 May 2022Eric Dinallo, Avi Gesser, Marshal Bozzo, Anna GresselThe SEC & Cybersecurity – Spring 2022 Update19 April 2022Avi Gesser, Kristin Snyder, Charu Chandrasekhar, HJ BrehmerEpisode 16: Artificial Intelligence - Vendor Contracting and Diligence22 March 2022Avi Gesser, Anna Gressel, Tigist KassahunCybersecurity for Not-for-Profit Organizations: Tips on Preparing for, and Responding to, Cyber Attacks2 March 2022Luke Dembosky, Suchita Brundage, Mengyi XuPart II: Artificial Intelligence and Discrimination in the Insurance Industry11 February 2022Eric Dinallo, Avi Gesser, Anna Gressel, Marshal BozzoEpisode 15: Whistleblowers for Cybersecurity and Artificial Intelligence Issues – Tips for Preparation and Response16 December 2021Avi Gesser, Anna Gressel, Jyotin Hamid and Maeve O’ConnorCybersecurity and the Insurance Industry4 November 2021Avi Gesser, Benjamin Lyon, Martha Hirst and Robert MaddoxEpisode 14: Practical Tips on Managing AI Risks in the Insurance Sector - A Discussion with Alex Singla, Doug McElhaney and Liz Grennan of McKinsey 3 November 2021Avi Gesser, Anna Gressel, Alex Singla, Doug McElhaney, Liz GrennanPart I: Artificial Intelligence and Discrimination in the Insurance Industry8 October 2021Eric Dinallo, Avi Gesser, Anna Gressel, Marshal BozzoEpisode 13: The Future of Artificial Intelligence Regulation – A Recap of Recent Developments and What Companies Can Do Now to Prepare 3 May 2021Avi Gesser, Anna Gressel with guest speaker Stephen McDougallEpisode 12: Artificial Intelligence and Consumer Data - A Discussion with Kaitlin Asrow, Fintech Policy Advisor for Federal Reserve Bank of San Francisco 3 March 2021Avi Gesser, Anna Gressel, Kaitlin AsrowEpisode 11: Artificial Intelligence and Cyber Insurance – A Discussion with Stefan Toi of Aon Cyber Solutions and Marcello Antonucci of Beazley on Navigating “AI Gaps” in Cyber Insurance Coverage 6 January 2021Avi Gesser, Keith Slattery, Anna Gressel, Marcello Antonucci, Stefan ToiSupervising AI: The Role of Corporate Boards 16 November 2020Avi Gesser, Anna Gressel, Edward StrozEpisode 10: Artificial Intelligence and the Insurance Sector- A Discussion with Jon Godfread, North Dakota Commissioner of Insurance and Chair of the NAIC Artificial Intelligence Working Group 13 October 2020Avi Gesser, Anna Gressel, Jon GodfreadEpisode 9: Artificial Intelligence and Consumer Protection Risks - A Discussion with Andrew Smith, Director of the FTC's Bureau of Consumer Protection 6 August 2020Avi Gesser, Anna Gressel, Andrew SmithEpisode 8: Artificial Intelligence Regulation in the Securities Industry - A Discussion with Haimera Workie of FINRA's Office of Financial Innovation 23 July 2020Avi Gesser, Anna GresselEpisode 7 - Safeguarding Employees’ Credentials and Preventing Unauthorized Access to Sensitive Data Stored in the Cloud and on Employees’ Personal Devices. 7 July, 2020Avi Gesser, Mengyi Xu, Luke Tenery, Joe ShepleyEpisode 6: Ransomware 2.0 - A Discussion with Dave Wong of FireEye Mandiant on the Evolving Threat Landscape, Risk Mitigation Strategies, and Legal and Practical Considerations 23 June 2020Avi Gesser, HJ BrehmerEpisode 5: How to Demonstrate “Reasonable Cybersecurity Procedures” for Regulatory Inquiries and Litigation 16 June 2020Avi Gesser, Stephanie CipollaReturning to Work in the US: Key Employment Law Considerations 5 June 2020Alexander Cochran, Eric Dinallo, Avi Gesser, Jyotin Hamid, Tricia ShernoEpisode 4: Emerging Cybersecurity Issues for PE Sponsors and Portfolio Companies 21 May 2020Luke Dembosky, Avi GesserEpisode 3: Protecting Policyholder Data: Risks and lessons for insurers from the first weeks of work-from-home arrangements due to COVID-19 8 May 2020Luke Dembosky, Eric Dinallo, Avi GesserEpisode 2: Artificial Intelligence Regulation - A Discussion with Matthew Homer of the NYDFS on Reducing Risks Arising from AI Programs 21 April 2020Avi Gesser, Anna Gressel, Matthew HomerEpisode 1: Reducing Cybersecurity and Related Regulatory Risks Arising from Remote Working Arrangements 1 April 2020Luke Dembosky, Avi Gesser, Justin HerringAre You Ready for CCPA?

19 November 2019Jeremy Feigelson, Kate Saba, Warren Metlitzky Life Under GDPR: A Breach Response Scenario23 May 2017Pierre Clermontel, Luke Dembosky, Jane Shvets, Anna V. Maximenko, Dr. Friedrich Popp