Mark H. Francis is a New York cybersecurity, data privacy and intellectual property attorney advising clients on a wide array of "tech and data" counseling, transactional and litigation matters.
Counseling. Mr. Francis focuses on data strategy and information governance, cybersecurity, technical controls, cross-border data transfers, and data privacy laws. In that capacity, Mr. Francis advises clients on Federal Trade Commission (FTC) Section 5 requirements (unfair and deceptive practices), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Fair Credit Reporting Act (FCRA), Children's Online Privacy Protection Act (COPPA), California Consumer Privacy Act (CCPA), Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003, state privacy laws, PCI Data Security Standard (DSS), card brand operating regulations, adtech industry practices, National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) standards and other related legal and regulatory requirements. Mr. Francis has advised on the adoption of emerging technologies, such as artificial intelligence and machine learning (AI/ML) with pragmatic approaches to ethical AI principles, legal and reputational risk mitigation practices, due diligence and contracting considerations.
Tech Agreements and Corporate Transactions. Mr. Francis regularly advises clients on data and intellectual property agreements and technology transactions, including master service agreements and statements of work (SOWs), open source and proprietary software licenses, IP/data transfers and licenses, software as a service (SaaS) and cloud computing agreements. He also works with deal teams on data and technology risks and representations in corporate transactions.
Crisis Management and Incident Response. Mr. Francis has counseled dozens of clients on U.S. and global data breaches and other security incidents across a number of industries, including healthcare, financial services, retail, technology, consulting, industrial and telecommunications. He advises clients on internal and forensic investigations, regulatory and individual notifications and interactions with law enforcement and other third parties.
Cybersecurity and Data Privacy Litigation and Regulatory Actions. Mr. Francis represents clients in regulatory and state Attorney General investigations, data breach class actions and PCI assessments.
Intellectual Property Counseling and Litigation. Mr. Francis represents clients in a wide range of intellectual property (IP) litigation in federal courts across the country. His IP matters have often involved complex technologies such as wired and wireless communications, cloud computing, mobile operating systems, virtual machines, web browsers, encryption, image processing and semiconductor devices. He is a registered patent attorney with the U.S. Patent and Trademark Office and assists clients with patent prosecution, as well as copyright and trademark procurement.
Mr. Francis is an International Information System Security Certification Consortium (ISC)² Certified Information Systems Security Professional (CISSP) and EC-Council Certified Ethical Hacker (CEH). He is also an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional/United States (CIPP/US), IAPP Certified Information Privacy Technologist (CIPT) and IAPP Fellow of Information Privacy (FIP).
In addition, Mr. Francis is an accredited attorney for the preparation, presentation and prosecution of claims for veterans' benefits before the U.S. Department of Veterans Affairs (VA).
Please note that email communications to the firm through this website do not create an attorney-client relationship between you and the firm. Do not send any privileged or confidential information to the firm through this website. Click "accept" below to confirm that you have read and understand this notice.