Brooks Pierce partner David Smyth has earned the Certified Information Privacy Professional for the U.S. private sector (CIPP/US) designation through the International Association of Privacy Professionals (IAPP).
The IAPP is a nonprofit association of privacy professionals with more than 20,000 members around the world. The CIPP is the global standard in information privacy certification and has become the leading credential in the field. The CIPP/US credential demonstrates that Smyth has a strong understanding of:
- Privacy and data security laws, such as HIPAA, Gramm-Leach-Bliley Act, Fair Credit Reporting Act, Fair and Accurate Credit Transactions Act, Children’s Online Privacy Protection Act (COPPA), and others;
- Federal marketing laws and regulations impacting telemarketing calls and commercial emails;
- Enforcement of federal privacy laws and regulations;
- State data security and breach laws;
- Privacy laws impacting the workplace; and
- Essential privacy concepts and principles, such as fair information practices and “Privacy By Design”
“Brooks Pierce is actively working to be a leader in data privacy law, and David’s national certification is a reflection of our dedication to this area.” said Ed Winslow, managing partner at Brooks Pierce. “David is at the forefront of our data privacy practice and joins a growing group of Brooks Pierce attorneys who have obtained this designation.”
A partner in the Raleigh office, Smyth has worked closely with data security issues since 2007, when he led the Securities and Exchange Commission’s investigation and litigation of cases involving online securities brokerage intrusions by Russian and East European hackers. Since then, Smyth’s data security practice has continued to grow with the increasing proliferation of cyber attacks and other data breaches. He has leveraged his experience with government regulators in handling the responses to numerous data security incidents for corporate clients. He also counsels businesses on a wide range of issues related to data security and privacy, including drafting data privacy policies.
