Digital and E-Commerce Engagement and Innovation

Download Download PDF   
Share Share Page


We advise clients through all phases of development and implementation of:

  • digital marketing and engagement practices, including the use of Google Analytics, Google Ads, Meta Pixels,  and LinkedIn Insight Tags;
  • contracting on a digital basis, including the use of electronic signatures, such as verbal and IVR;
  • algorithms, artificial intelligence, and machine learning; and
  • biometric information programs, including for identity verification and fraud detection. 

We counsel clients on:

  • privacy policies, procedures, notices, and authorizations under the:
    • California Consumer Privacy Act, as amended, and other comprehensive state privacy laws
    • Gramm-Leach-Bliley Act
    • Health Insurance Portability and Accountability Act
    • General Data Protection Regulation
    • New York DFS’s Part 500
    • Telephone Consumer Protection Act
    • CAN-SPAM Act
    • Biometric Information Privacy Act
    • Video Privacy Protection Act
    • SEC Reg S-P
    • State insurance laws
  • website and mobile application terms of use and user license agreements and compliance with the Americans with Disabilities Act;
  • due diligence on and contracts with third-party partners and data brokers, including data processing agreements;
  • eSign Act and Uniform Electronic Transactions Act (UETA);
  • electronic delivery of SEC-required documents and electronic recordkeeping under the Securities Act and Exchange Act;
  • SEC Reg SCI (Systems Compliance and Integrity) and SEC Reg S-ID (Identity Theft Red Flags Rules); and
  • litigation strategy under state and federal privacy and cybersecurity laws.


Marketing and Sale of Life Insurance Products

Advising life insurers and producers developing an all-digital engagement process for the marketing and sale of life insurance products, including:

  • counseling on process flow and placement of notices and consents for acquiring data from and sharing data, with third parties for transactional and marketing purposes;
  • drafting notices and consents, website terms and conditions, and privacy policies that take into account state insurance laws and GLBA and HIPAA requirements and exemptions;
  • negotiating with third party vendors of consumer data and algorithms used in the underwriting process;
  • counseling on state insurance requirements applicable to website and social media marketing;
  • addressing various means of obtaining consents and signatures, including the use of check-boxes, voice signature, and third-party electronic signature vendors;
  • developing processes for electronic delivery of policy documents and advising as to when paper delivery is required; and
  • advising regarding notices and consents for voiceprint programs.

Digital Marketing and Targeted Advertising

Advising insurance, financial services, health care, retail, and other clients on the use of digital engagement tools and marketing campaigns including their use of website tracking technologies (e.g., session replay technology, website analytics), and digital advertising partnerships (e.g., use of Google Analytics, Google Ads, Meta Pixel, and LinkedIn Insights Tags). We address:

  • implications of various tool settings and compliance steps, including website disclosures. related to the same;
  • data processing agreements, including scope, use of aggregate and/or deidentified data, responsibilities and indemnification surrounding data security and associated incidents, cross-border data transfers, and cyber insurance.

Digital Engagement

For clients across various industries seeking to digitally engage with consumers:

  • drafting website and mobile app terms of use, privacy policies, and cookie banners;
  • advising as to data collection, access, storage, disclosure, and transfer, including sharing among affiliates, service providers, joint marketing partners, and other non-affiliates, including:
    • consumer notices and consents;
    • GLBA and HIPAA exemptions within various privacy laws and implications of the same across affiliates and lines of business.
  • negotiating contracts with third party data providers;
  • counseling regarding the use of verbal or other electronic signatures;
  • advising as to digital delivery of documents and consent to same; and
  • collection, use, and/or disclosure of biometrics (e.g., voiceprints, facial analysis), including consumer notices and consents.

Electronic and Data Management

Advising clients regarding ongoing electronic and other data management, including:

  • drafting policies and procedures for processing consumer privacy requests, including data subject requests to know, access, correct, delete, and/or limit use or sharing;
  • drafting policies and procedures related to data retention; and
  • cybersecurity obligations, both preventative and in response to suspected and confirmed incidents.

Regulatory Oversight and Litigation

Counseling regarding regulatory examinations, enforcement actions, and litigation associated with the above (e.g., pursuant to federal securities laws, the Americans with Disability Act, HIPAA, Video Privacy Protection Act, Illinois Biometric Information Privacy Act, state consumer protection laws, and state insurance laws).

All Insights

Financial Services Cyber Fraud: The Latest Risks and Best Responses

Financial Services Cyber Fraud: The Latest Risks and Best Responses

October 20, 2022

Cyber fraud costs the financial services industry billions in losses each year and has been on the rise. Regulation has followed, creating risks of a different kind.

Making Good on Its Promise: SEC Pursues Cyber Enforcement Actions Against Financial Services Companies

Making Good on Its Promise: SEC Pursues Cyber Enforcement Actions Against Financial Services Companies

October 4, 2021

The SEC recently announced settled charges with several investment advisory firms and broker-dealers following email account takeovers. These settlements are the latest in a string of enforcement actions relating to what the SEC considers as cybersecurity failures at registered financial firms.

Featured Insights


The information on this website is presented as a service for our clients and Internet users and is not intended to be legal advice, nor should you consider it as such. Although we welcome your inquiries, please keep in mind that merely contacting us will not establish an attorney-client relationship between us. Consequently, you should not convey any confidential information to us until a formal attorney-client relationship has been established. Please remember that electronic correspondence on the internet is not secure and that you should not include sensitive or confidential information in messages. With that in mind, we look forward to hearing from you.