In his privacy practice, Austin advises clients on implementing global compliance programs designed to navigate the evolving legal landscape around data privacy, including the Federal Trade Commission (FTC) Act, the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and other emerging US state consumer privacy laws. He is experienced in consumer privacy litigation and investigations, privacy contract drafting and negotiation, cross-border data transfers and compliance issues with federal surveillance law including the Foreign Intelligence Surveillance Act (FISA).

Austin also advises on cybersecurity matters, including conducting enterprise security assessments under privilege, drafting and negotiating vendor contracts, compliance with federal and state security laws and data breach response and remediation.

Austin regularly speaks and writes on technology law topics. He has featured in Ars Technica, JD Supra, National Law Review, Lexology and ACC Docket. He has represented clients ranging from startups to Fortune 500 companies, including in the professional services, technology, healthcare, life sciences, finance, retail, entertainment and e-commerce sectors. He advises on risks relating to emerging technologies including autonomous vehicles, blockchain/cryptocurrencies, Internet of Things (IoT) devices, encryption and encrypted messaging, artificial intelligence, biometrics and advertising technology. He has also advised on privacy and security risks arising from large M&A transactions.

Before McDermott, Austin served as a law clerk for the US Senate Judiciary Committee, where he worked on Supreme Court and Attorney General nominations, executive branch oversight and investigations, FISA reform and other legislative initiatives. He has also held positions with a nationally ranked law firm, the Federal Trade Commission, the Network Advertising Initiative and as a research assistant for Professor Daniel Solove.

Austin is a Certified Information Privacy Professional/United States (CIPP/US) and a Certified Information Privacy Professional/Europe (CIPP/E).

Show Less

• Represented professional services firm in CCPA compliance project including developing data subject response procedure, “Do Not Sell” analysis and framework, privacy notices and contracting playbook
• Advised healthcare technology company on compliance with emerging US state privacy laws in California, Virginia and Colorado, including HIPAA exemption applicability analysis
• Drafted global regulatory memorandum for company on use of consumer data for contact tracing and other COVID-19 prevention purposes
• Advised multinational entertainment company on global biometric privacy compliance related to use of facial recognition software
• Represented software company on comprehensive enterprise security assessment conducted under privilege
• Advised technology company on GLBA, FTC, CCPA and other privacy and security risks related to acquisition of financial services technology company
• Represented retail company in credit card data breach response including investigation, remediation and notification of impacted cardholders
• Advised life sciences company on global data protection program including drafting vendor contracting and onboarding templates, incident response policy and website privacy policy and terms of service
• Represented device manufacturer in responding to dozens of law enforcement requests for customer data under the Electronic Communications Privacy Act (ECPA)*

*Matter handled prior to joining McDermott.

Show Less