Bart Huffman, a partner in the Locke Lord's Austin office, has experience in a wide range of privacy and data security matters. With a systems engineering background and a proven track record in intellectual property, e-commerce, and federal litigation matters, he offers a broad perspective for the critical data and intellectual property issues faced by cutting-edge companies today. His clients, which include Fortune 500 companies as well as regional players, rely on his advice in connection with strategy and policy issues and initiatives, commercial technology services and other transactional matters, compliance advice, and privacy and intellectual property litigation. Mr. Huffman is admitted to practice law in Texas, California and New York, and before various federal courts. He also is a USPTO Registered Patent Attorney and an IAPP Certified Information Privacy Professional.
Education
- J.D., with honors, The University of Texas School of Law, 1994
University of London, Fall Semester 1993 - B.S.E., Civil Engineering/Operations Research, cum laude, Princeton University, 1988
Certificate in Engineering and Management
Tau Beta Pi
Bar Admissions
- Texas, 1994
- New York, 1998
- California, 1999
Admitted To Practice
- U.S. Patent and Trademark Office
- U.S. Court of Appeals for the Fourth Circuit
- U.S. Court of Appeals for the Fifth Circuit
- U.S. Court of Appeals for the Ninth Circuit
- U.S. Court of Appeals for the District of Columbia Circuit
- U.S. District Court for the Eastern District of Texas
- U.S. District Court for the Northern District of Texas
- U.S. District Court for the Southern District of Texas
- U.S. District Court for the Western District of Texas
- U.S. District Court for the Eastern District of New York
- U.S. District Court for the Southern District of New York
- U.S. District Court for the Eastern District of California
- U.S. District Court for the Northern District of California
- U.S. District Court for the Southern District of California
- U.S. District Court for the Central District of California
Representative Experience
Privacy / Data Security
- Compliance program development, reviews, and corrective measures, including with respect to the Federal Trade Commission (FTC) Act, Gramm-Leach Bliley Act (GLBA), Payment Card Industry Digital Security Standards (PCI-DSS), Children’s Online Privacy Protection Act (COPPA), Health Information Portability and Accountability Act (HIPAA), and state law requirements, including heightened standards in states such as Massachusetts and California.
- Advice concerning evolving legal standards applicable to procurement, contracting, and oversight of service provider handling of personal information, including evaluation of supply chain processes and preparation of contract templates for data security requirements.
- Internal privacy policies, procedures, and guidelines, including information security policies, personal information inventories, security incident response plans, document retention policies, computer usage policies, and privacy awareness programs.
- Outward-facing privacy policies; notices of privacy practices; disclosures; website, application, and Wi-Fi terms of service; and other materials affecting privacy-related disclosures and representations and data subject expectations.
- Development and implementation of comprehensive governmental subpoena and search warrant compliance program for leading web hosting provider, and regular advice on handling of subpoenas seeking personal or other protected information.
- Advice regarding handling of sensitive data in various settings, including online portals used by professionals and medical services providers, and the online submission of employment application materials. Advice and multistate guidance for computer network access issues and privacy implications of mobile devices and applications.
- Representation of leading Internet service provider (ISP) in connection with hundreds of civil subpoenas served in numerous federal and state jurisdictions seeking personally identifiable information (PII) of subscribers, including joint representation of multiple leading ISPs in a number of cases and handling of appeals to state and federal appellate courts.
- Handling of numerous identification and anonymity issues, including issues arising under the U.S. Constitution, the Electronic Communications Privacy Act (ECPA), and the Communications Decency Act (CDA).
- Representation of financial institutions in connection with government requests and associated requirements, such as those set forth in the Right to Financial Privacy Act (RFPA).
- Telemarketing advice, including advice regarding list-scrubbing requirements under national and state do-not-call registries, and the applicability and reach of the Telephone Consumer Protection Act (TCPA), Telemarketing and Consumer Fraud and Abuse Prevention Act, and various FTC and FCC regulations to text messaging.
- Red Flags Rule, COPAA, FCRA and other policies and compliance programs.
- Advice regarding surveillance, monitoring, and recording for call centers and Internet-connected products and services, including with respect to federal and state wiretap laws.
- Preparation of various privacy and data security templates, surveys, questionaires, and training materials.
- International contracts and license agreements bearing on transfer, processing, and hosting of personal data in multiple jurisdictions.
- Privacy, data security, and related intellectual property diligence and evaluation in connection with multiple corporate financings and acquisitions.
- Advice to global marketing firm with respect to implications of corporate acquisitions on use of customer and prospect lists.
- Advice regarding U.S.-E.U. Safe Harbor.
- Representation regarding implications and remedies available in connection with the compromise of data through online postings.
- Data breach handling for multiple enterprises, including forensic work guidance, notifications to affected individuals and state and federal regulators, negotiations with credit monitoring service providers, and communications strategies and materials.
- Representation of major telecommunications company in federal “pretexting” litigation filed in Texas and California with respect to misappropriation of online billing records.
- Handled arbitration over contract for e-mail append services.
- Representation of British news website in online impostiture litigation.
- Representation in lawsuits concerning the processing and handling of voluminous records containing HIPAA Protected Health Information (PHI).
- Handling of Fair and Accurate Credit Transactions Act (FACTA) issues and disputes for retail establishments.
- Initiating, resisting, and complying with federal and state pre-suit discovery proceedings seeking electronic records and sensitive personal information.
- Representation in connection with government investigations and production of records pursuant to Foreign Intelligence Surveillance Act (FISA) requests.
- Preparation of end-user service terms, including acceptable use provisions, for user forums, social media sites, and user content sharing and distribution sites.
- Advice regarding privacy implications of cloud-based and remote technical support services.
- Outside privacy counsel for marketing firms, banks and other financial institutions, merchants, retailers, Internet service providers (ISPs), mobile phone carriers, websites and applications providers, software developers, database providers, governmental entities, oil and gas companies, pharmaceutical companies, media conglomerates, universities, data brokers, retail companies, and a global airline.
- Advice under 50-state legal frameworks as well as the Federal Trade Commission (FTC) Act, Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Children’s Online Privacy Protection Act (COPPA), Payment Card Industry Digital Security Standards (PCI-DSS), Fair Credit Reporting Act (FCRA) and the Fair and Accrurate Credit Transactions Act (FACTA), Telemarketing Sales Rule (TSR), Telephone Consumer Protections Act (TCPA), Electronic Communications Privacy Act (ECPA), Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), Right to Financial Privacy Act (RFPA), and the U.S.-E.U. Safe Harbor program.
Internet Services
Commercial/Development Agreements
- Negotiation of commercial services, licensing and development agreements involving cloud services, locational technology, remote monitoring, premises security, mobile satellite antenna technology, and Internet browser.
- Preparation of numerous end-user terms of service and license agreements in connection with commercial services agreements, including agreements for services provided in the "cloud."
- Managed IP and privacy review, including open-source software diligence and compliance, in connection with Internet services agreements and corporate acquisitions.
- Negotiated website development and e-marketing services agreements for financial service providers, marketing companies, and retail establishments.
Licensing
- Preparation and negotiation of various brand and ingredient brand trademark license agreements in connection with primary and distributor-based commercial services arrangements.
- Negotiation of major commercial and open-source software distribution and licensing agreements.
- Negotiation of commercial services and licensing agreements for browser technology.
- Licensing negotiations regarding delivery of digital media to outdoor display devices.
- Negotiations and advice in connection with numerous software licensing, development, and escrow agreements, including procurement and guidance regarding escrow verification services.
Other Internet Services Agreements and Social Media
- Representation of e-commerce division of public company in connection with negotiation of numerous contracts for services and support, including website design, search engine optimization, widget design and implementation, and mobile advertising.
- Preparation of multiple services and support contracts for animation media site, including contracts involving content licensing, display, and syndication, and advertising placement services.
- Representation of user-generated content brokerage site in connection with unique website terms and website development agreements.
- End-user service terms, including acceptable use provisions, for user forums, social media sites, and user content sharing and distribution sites.
- Advice and preparation of guidelines for use by medical device manufacturer regarding illegal sales of equipment on online shopping and auction websites.
- Assisted retailer in connection with dispute and acquisition of vanity URL for social media webpage.
- Communications Decency Act (CDA) immunities for websites and apps.
- Establishment and maintenance of Digital Millennium Copyright Act (DMCA) compliance programs.
Commercial Litigation
IP Litigation
- Representation of multinational media company in trademark disputes before the Trademark Trial and Appeal Board of the U.S. Patent & Trademark Office and in multiple federal courts.
- Representation of online retailer in trademark disputes with owner of historically significant Canadian mark.
- Representation of leading outdoor media company in taxi-top copyright litigation filed in the Southern District of New York.
- Representation of international designer for “big box” vendor in federal copyright litigation.
- Representation of family owners of 90-year-old product in trademark litigation filed in competing Texas venues.
- Various trade secret and software copyright disputes in numerous venues.
Other Technology Disputes
- Assisted outside general counsel to nuclear operating company, with oversight responsibility for a variety of litigation matters, ranging from spent nuclear fuel litigation to contractor disputes and miscellaneous personnel-driven issues and lawsuits.
- Representation of clients in connection with software licensing audits by the Software & Information Industry Association (SIIA) and [Business Software Alliance?] (BSA).
- Representation of medical clinics in connection with cable licensing dispute.
- Advice to software developer in connection with international software piracy issues and enforcement.
- Co-counsel to Middle Eastern royalty in federal litigation concerning repair and refurbishment of privately owned wide-body jet.
Publications & Presentations
- Contributor, "TCA’s AdMark Buzz," Locke Lord LLP
- Contributor, Freedom to Tinker Blog, Princeton Center for Information Technology Policy
- Co-Author, "Locke Lord QuickStudy: Using, Marketing or Collecting Consumer Data?," Locke Lord (April 17, 2013)
- Co-Author, "Locke Lord QuickStudy: President Obama Expected to Issue Executive Order on Cyber Security, Data Security and Privacy," Locke Lord LLP (December 10, 2012)
- Co-Author, "Locke Lord QuickStudy: Financial Regulators Issue Statement Regarding Cloud Security," Locke Lord (July 17, 2012)
- Co-Chair, University of Texas School of Law 25th Annual Technology Law Conference, 2012
- Moderator, "Advertising in the Digital Age: Avoiding Privacy Snafus in Data Collection, Marketing, and Messaging," University of Texas School of Law 25th Annual Technology Law Conference, May 25, 2012
- Speaker, “Privacy and Data Security: Housekeeping for Corporate Counsel,” 2012 Corporate Counsel Institute, Houston, May 3, 2012
- Speaker, “Privacy and Data Security: Housekeeping for Corporate Counsel,” 2012 Corporate Counsel Institute, Dallas, April 19, 2012
- "ISPs Escape Copyright Owners' Requests for User Info," Law360 - March 29, 2012
- Panelist, Copyright Litigation: Finding Anonymous Copyright Infringers, American Bar Association CLE (March 22, 2012)
- Organizer and Speaker “Copyright Cat-and-Mouse: New Developments in Online Enforcement,” Special Event, Center for Information Technology Policy, Princeton University, March 13, 2012
- Co-Author, "Locke Lord QuickStudy: White House Announces New Consumer Privacy Bill of Rights Affecting Online Advertising," Locke Lord (February 27, 2012)
- Quoted in "Huffman joins Locke Lord’s Austin office," The Privacy Advisor, Vol. 12 No. 1, January-February 2012
- Social Media Panel Presentation, Association for Corporate Growth, Central Texas chapter, San Antonio, Texas, January 31, 2012
- Presenter, Data Management Risks: Ways to Assess and Mitigate Risks of Holding and Sharing Personal Data, Locke Lord CLE, Houston, January 26, 2012
- Contributor, "Legal Strategies in Social Media," Locke Lord Brochure, January 24, 2012
- “Copyright Troll Litigation,” Center for Information Technology Policy, Princeton University, December 15, 2011
- “Identifying Alleged Infringers in BitTorrent Online Copyright Infringement Lawsuits,” Freedom to Tinker blog, Princeton Center for Information Technology Policy, December 15, 2011
- Rice University, Center for Philanthropy and Nonprofit Leadership, Intellectual Property and Privacy Law Guest Instructor, September 2011
- Co-Chair, University of Texas School of Law 24th Annual Technology Law Conference, 2011
- “Handling of Personal Information by Third Party Services Providers: Basic Legal Framework, Risk Factors, Best Practices and Corporate Perspectives,” University of Texas School of Law 24th Annual Technology Law Conference, May 27, 2011
- “Data Markets and Data Aggregators: What Are the Sources, How to Evaluate Whether to Use External Data, and What Are the Privacy Implications?” University of Texas School of Law 24th Annual Technology Law Conference, May 27, 2011
- “The Digital Afterlife,” The Business Media Public Relations Tweetup, San Antonio, Texas, May 5, 2011
- “Intellectual Property and Evolving Privacy Laws as Related to the Internet and Mobile Computing Today,” Gateway to College, San Antonio, Texas, April 7, 2011
- “Compliance Issues and Risk Assessment in Connection with Third-Party Handling of Personal Information,” Center For Information Technology Policy, Princeton University, Princeton, NJ, May 24, 2011
- “The Legal Framework of Cyberspace,” Texas Association of Licensed Investigators Annual Meeting, San Antonio, Texas, February 19, 2011
- “Nuts and Bolts of a Good Privacy and Data Security Compliance Program,” Association of Corporate Counsel, San Antonio Chapter, February 2, 2011
- “Telling Your Story Including Effective Use of Social Media: A Primer for Charitable Organizations,” University of Texas School of Law 28th Annual Nonprofit Organizations Institute, Austin, Texas, January 13, 2011
- “Privacy & Cyber Liability,” Semi-Annual Risk Management & Claims Seminar, San Antonio, Texas, November 9, 2010
- “Handling the Patchwork of Privacy & Data Security Laws – a Practitioner’s Perspective,” Federal Bar Association, San Antonio Chapter, October 13, 2010
- Co-Chair, University of Texas School of Law 23rd Annual Technology Law Conference, 2010
- “Privacy and Security in the Cloud,” University of Texas 23rd Annual Technology Law Conference, Austin, Texas, May 28, 2010
- “Social Media, Part 1: Telling Your Story and Managing the Conversation,” University of Texas 23rd Annual Technology Law Conference, Austin, Texas, May 28, 2010
- “Privacy and Information Law – What Clients Should Be Thinking About for 2010,” Lone Star Legal Network, San Antonio, Texas, January 16, 2010
- “Personal Information as an Asset and a Source of Risk,” University of Texas 22nd Annual Technology Law Conference, Austin, Texas, May 21, 2009
- “Lost in the Cloud: Suggestions for Navigating Business and Legal Risks in Cloud Computing,” International Association of Privacy Professionals Privacy Tracker, February 2, 2009
- “Online Gambling – A Legal Overview,” University of Texas School of Law 20th Annual Technology Law Conference, May 21, 2008
- “Tracks and Traces: A Guide to Digital Footprints and the Tools Available to Uncover and Use Them,” University of Texas School of Law 20th Annual Technology Law Conference, May 21, 2008
- “Commercial Email, Website and Technology Agreements, and Cyber-Insurance,” Association of Corporate Counsel, South/Central Texas Chapter, April 20, 2007
Professional History
- Partner, Locke Lord LLP
- Shareholder, Cox Smith Matthews Incorporated
Professional Affiliations & Achievements
- Certified Information Privacy Professional, International Association of Privacy Professionals
- Visiting Fellow, Center for Information Technology Policy, Princeton University, 2011-2012
- Listed, Chambers USA, Leader in their Field, Intellectual Property, 2010-2013
- Listed, Chambers USA, Intellectual Property Department ranked, 2009-2013
- Martindale-Hubbell® AV® Peer Review Rating
- Named, San Antonio Business Journal, "Outstanding Lawyer of the Year - Intellectual Property," 2010
- Named, San Antonio Business Journal, "40 Under 40," 2005
- Member, Federal Bar Association
Community Leadership
- Corporate Committee Member, The McNay Art Museum, 2006-2012
- President, Princeton Alumni Association of San Antonio and South Texas, 2003-2011
- Princeton University Alumni Council
- Executive Committee, 2005-2009
- Regional Associations Chair, 2007-2009
- San Antonio Convention and Visitors Commission
- Commissioner, 2003-2007
- Budget and Finance Chair, 2006-2007
|
|