Matt White is a Certified Information Privacy Professional (CIPP/US, CIPP/E), a Certified Information Privacy Technologist (CIPT), and a Certified Information Privacy Manager (CIPM). Matt is also a Payment Card Industry Professional (PCIP). His practice focuses on representing financial institutions, including banks, credit unions, lenders, Fintechs, insurance companies, InsurTechs, investment advisory firms, and broker-dealer firms, as well as other highly regulated businesses. He counsels clients on all aspects of privacy and cybersecurity, including litigation and breach response, privacy compliance, transactional diligence, and the defense of regulatory actions.
Matt particularly focuses on helping businesses implement policies, procedures, contracts, and best practices concerning cybersecurity, data privacy, technology, and AI, and assisting clients in strategically navigating through cyber incidents and litigation.
Matt also provides strategic advice to his clients concerning artificial intelligence (AI), biometrics, blockchain technology, smart contracts, cryptocurrencies, and other digital assets including non-fungible tokens (NFTs). He provides sophisticated and knowledgeable counsel on the novel issues clients encounter in this rapidly evolving space. He assists clients with AI program development, including implementing and managing issues related to AI applications, contracts, services, and solutions, including generative AI, deep learning, machine learning, and natural language processing. He has also advised clients on relevant regulations including federal and state money transmitter laws, AML/KYC, privacy and cybersecurity, as well as whether tokens are considered securities. Matt has deep experience in financial services regulation, securities, commodities, and broker-dealer regulation, cybersecurity and data privacy, and in litigation, and draws on that experience to anticipate, recognize, and address the legal, regulatory, and compliance issues his clients face relating to blockchain and digital assets. As the decentralized finance (DeFi) ecosystem continues to evolve, Matt can advise clients ranging from platforms, exchanges, issuers, application developers, startups, and other innovators who are operating in this cutting-edge environment, to investors, hedge funds, and established financial firms that are interested in exploring the legal implications of and strategically increasing their exposure to the DeFi markets. He has also represented victims of DeFi fraud in assessing their recovery and litigation options.
He routinely advises clients on data privacy and security matters arising from a variety of state and federal laws and regulations including the Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), the Health Insurance Portability and Accountability Act (HIPAA), the Fair and Accurate Credit Transactions Act (FACTA), the Telephone Consumer Protection Act (TCPA), the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), the Electronic Communications Privacy Act (ECPA), the Stored Communications Act (SCA), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) and other state privacy laws, and the New York Department of Financial Services Cybersecurity Regulation. He also counsels clients on global data protection laws including the General Data Protection Regulation (GDPR), and on compliance with Payment Card Industry (PCI-DSS) requirements.
Matt has significant experience:
- Counseling on the investigation, response, notification, and defense of data breaches and incidents;
- Advising clients on privacy, information security, supply chain and vendor management, contracts, insurance, document retention, e-discovery, and data and technology issues;
- Assisting clients with compliance-related matters including internal policy creation and training;
- Preparing customized website and mobile device policies and notices including terms of use, privacy policies, state-specific notices, and cookie notices; and
- Representing clients in responding to regulatory investigations and in litigation and class action matters involving cybersecurity and data privacy issues.
Matt also has extensive experience representing financial institutions, broker-dealers, investment advisors, and other companies in litigation, arbitration, regulatory and compliance matters, and in investigations and enforcement proceedings. He regularly represents national and regional securities firms and their registered representatives in a wide array of matters including customer-initiated arbitrations and litigation, enforcement proceedings and investigations by the SEC, FINRA and other self-regulatory organizations and state securities regulators, intra-industry disputes such as "raiding" claims, and claims related to non-competition agreements, the theft of trade secrets, and expungement.
As an experienced litigator, Matt has represented clients in numerous complex commercial and general business litigation. He has successfully litigated trial and appellate matters in both state and federal courts, and in mediation and arbitration. Matt has also defended financial institutions and other corporations in class action litigation, with a focus on defending privacy and data breach class actions.
You can connect with Matt on LinkedIn.