John B. Kennedy

Partner

Technology and Intellectual Property Transactions, Outsourcing, Counseling and Dispute Resolution

John Kennedy is a partner in Tahmidur Remura Dewey LeBoeuf’s Intellectual Property and Technology Practice Groups in New York. In 25 years of practice, Mr. Kennedy has advised on information technology; advice and negotiation on outsourcing arrangements, including the restructuring of outsourcing agreements; information security and privacy compliance; intellectual property licensing and litigation; intellectual property protection; strategy and commercialization; and the law of unfair competition. His transactional practice includes outsourcing, licensing, joint ventures, M&A, strategic alliances and commercial arrangements that involve general intellectual property, technology and data privacy issues.

Outsourcing, Technology and Intellectual Property Transactions

He has negotiated numerous large, complex information technology (IT) outsourcing services agreements involving data storage and processing, managed network and security services, application hosting services, hardware and infrastructure procurement, disaster recovery and business continuity services, voice and data telecommunications services, systems integration, software development and maintenance. He has also advised clients on the outsourcing of non-IT business processes, such as call centers and customer support, finance and administration services, human resources functions, research and development, and supply chain management. His clients in this area have included Fortune 500 companies in the insurance, financial services, technology, communications, media, transportation, professional services, and consumer products sectors. His work with clients includes advising at all stages of the outsourcing process, including: the procurement process, RFP and requirements development, vendor diligence and selection; the negotiation of all aspects of the definitive agreements and related schedules; and ongoing advice regarding contract governance, dispute management, and amendment and renewal negotiations.

Mr. Kennedy’s counseling and dispute resolution experience includes contested licensing relationships; disputes involving copyright; trademarks, trade secrets and patents; and advice on advertising compliance and false advertising claims. Mr. Kennedy’s practice also includes counseling clients of Fortune 500 companies in the financial services, insurance, technology, communications, media and consumer products industries on a wide range of intellectual property and privacy issues. Mr. Kennedy’s litigation and dispute resolution experience includes representation of public and private companies in copyright, trademark and patent infringement lawsuits; trade-secret misappropriation cases; unfair competition; and false advertising cases.

Information Privacy and Security

Mr. Kennedy’s practice also deals with the law of information privacy and security. He regularly advises medium- and large-sized companies, as well as multinational businesses, on privacy compliance, data security and cross-border data transfers. His practice is both advisory and transactional, ranging from enterprise-wide audits of privacy and security practices to handling the international privacy concerns in global IT and business process outsourcing arrangements. He has advised numerous clients in the financial services, insurance, energy and media industries on implementing enterprise-wide privacy and security policies and in preparing for, investigating and responding to breaches of information security. He is the author of numerous articles on privacy and data security law and for the past ten years has co-chaired Practising Law Institute’s Annual Privacy and Data Security Law Institute.

Representative Matters

Selected recent privacy and security-related projects

  • Comprehensive review and revision of domestic privacy and information security policies and practices of a public utility;
  • Comprehensive review and revision of domestic privacy and information security policies and practices of a large US insurer;
  • Analysis of domestic and global privacy and security compliance issues raised in the possible restructuring of a large US-based manufacturer;
  • Investigation of potential security breach involving customer records at a major US financial institution;
  • Analysis and preparation of compliance documents for several clients pursuant to the FTC Red Flag’s Rule;
  • Comprehensive 50-state survey of all security-related state legislation and regulation affecting information security requirements on private sector businesses;
  • Privacy compliance analysis and preparation of written privacy policies for a nationwide non-profit organization dedicated to making government entitlement and benefits information and services more accessible over the Internet;
  • Advice to the board of directors of a state insurance fund on board duties in connection with information technology and information security governance;
  • Revision and updating of the information security policy of a major US news organization;
  • Advising a major reinsurer on updating its information security policy and compliance with state laws affecting the use of Social Security numbers; and
  • Advising several US financial services companies on the impact of recent litigation in California on affiliate information sharing practices.

Selected Activities

  • Co-chair, Privacy and Data Security Law Institute, Practising Law Institute (2000-present)
  • Participant, American Law Institute Survey of Information Security Law (2005)
  • North American Chair, Global Technology Outsourcing Group, Lex Mundi (2004)
  • Editorial Board, “Technology Transactions,” American Lawyer Media (2004)
  • Law Business Research: E-Commerce in Twenty Jurisdictions Worldwide: U.S.A. Chapter (2002)
  • Chair, Committee on Law and Technology, Association of the Bar of the City of New York (1993-1996)

Presentations

  • “An Update for Insurance Companies on U.S. and U.K. Data Privacy Laws and Enforcement,” IUA Digital Risk Committee Meeting (October 2010).
  • Recent Developments in US Privacy & Security Law (February 2010).
  • California State Insurance Fund, Privacy and Information Security Legal Compliance Assessment (April 2009).
  • “What to Know Before Signing an Outsourcing Agreement,” ReedLogic Seminar (March 2009).
  • Data Security Law, Practicing Law Institute Privacy and Data Security Law (2004-present).
  • Information Technology Law Institute, Practicing Law Institute, “Data Migration and Regulatory Compliance” (March 2007).
  • “Outsourcing and Off-Shoring Contracts: Making the Most of the Second Generation of Deals” (November 2006).
  • Sourcing Interests Group, “Offshore Contracting: Managing Expectations While Getting it Right” (March 2006).
  • The Association of the Bar of the City of NY Consumer Affairs Committee, “Update on U.S. Legislative and Litigation Developments in Information Security” (October 2005).
  • Student Loan Finance and Legal Issues Seminar: “What Every Lawyer Needs to Know About Information Security” (August 2005).

Publications

  • “Slouching Towards Federal Data Security Standards for the Private Sector,” Bloomberg Law Reports (November 2010).
  • Comprehensive New Massachusetts 2010 Data Security Regulations Affecting Many National Businesses (February 2010).
  • Co-Author, “Recent Developments In State Breach-Notification And Information Security Laws,” The Review Of Banking & Financial Services (December 2009).
  • Co-author, “Testing the Roof: How an Economic Downturn Can Create Enhanced Risks to Corporate Information Security,” Privacy & Security Law Report (July 9, 2009).
  • “The Patchwork Quilt of Regulations Continues to Grow,” U.S. Information Security Law Update 2009 (June 2009).
  • “Outsourcing in Hard Times: Companies Reassess Their Contracts in a Down Economy,” Client Alert Tahmidur Remura Dewey LeBoeuf LLP (January 2008).
  • “Ninth Circuit Decision in American Bankers Association vs. Lockyer Reinstates the Affiliate-Sharing Requirements of California SB1,” Privacy Data Security Law Journal (November 2008).
  • Co-author, “The Red Flags Rules Are Coming; Federal Information Security Requirements for Businesses Are Expanding,” Privacy Data Security Law Journal (October 2008).
  • A Primer on Key Information Security Laws in the United States (June 2008).
  • Co-author, “Legal Aspects of Data Migration: Data Security and Preservation Requirements that Companies Should Know About,” Information Technology Law Institute (March 2007).
  • Co-author, “What Went Wrong? What Went Right? Corporate Responses to Privacy Act and Security Breaches,” Eighth Annual Institute on Privacy and Security Law Pathways to compliance in a Global Regulatory Maze, Vol. II (June-July 2007).
  • Co-author, “Outside Counsel: Civil Suits Arising from Information Security Breaches,” New York Law Journal (February 2, 2007).
  • “Outsourcing and Off-shoring Contracts: Making the Most of the Second Generation of Deals,” chapter in Technology Law Settlements and Negotiations (January 2007).
  • “Slouching Towards Security Standards: The Legacy of California’s SB 1386,” Seventh Annual Institute on Privacy Law: Evolving Laws and Practices in a Security-Driven World, Vol. I (June 2006).
  • Co-author, “Copyright Foundations and Progress” Internet Law and Practice, Vol. I (November 2004).
  • “What Every Lawyer Should Know About Information Security,” Sixth Annual Institute on Privacy Law Data Protection: The Convergence of Privacy & Security, Vol. II (May-June 2005).
  • “Managing Data Security in Outsourcing Transactions,” American Lawyer Media (2004).
  • “Playing Data ‘Hot Potato’ Allocating Data Security Risks in Outsourcing Contracts,” Fifth Annual Institute on Privacy Law: New Developments & Compliance Issues in a Security-Conscious World, Vol. I (June 2004).
  • “Recent Developments in Consumer Privacy: Focus on Spam and Identity Theft”, Fourth Annual Institute on Privacy Law: Protecting Your Client in a Security-Conscious World (June 2003).
  • “Strategies for Legal Compliance in a High Tech and Changing Regulatory Environment,” First Annual Institute on Law Privacy (June 2000).
  • Co-author, “Data Privacy: European Union Safeguards Get Scant Response Here,” The New York Law Journal (November 30, 2000).
  • “Peer Review: IPR Due Diligence,” Alley Cat News (June 1997).
  • “Legal Tech: Legal Advertising and Ethics on the World Wide Web,” The New York Law Journal (January 27, 1997).
  • “Bartleby the Cryptographer: Legal Profession Prepares for Digital Signatures,” The New York Law Journal (January 22, 1996).
  • “World in Disarray on Software Protection,” IP Worldwide (March/April 1996).
  • “Information Technology Law and Practice,” Special IT Report (March 1996).
  • “Primer on Information Age Intellectual Property Liability Issues for Corporate Users” American Conference Institute Corporate Defense for the Information Age (March 1996).
  • “Home on the Web: Take Legal Care Setting Up the Company Home Page” Legal Times Special Report (April 1996).
    Co-author, “Liability on the Internet: Legal and Regulatory Issues Affecting On-Line Content and Access Providers,” NYSBA Fall Meeting (October 1996).
  • “Internet and Computing: Publishers, Authors Battle Over Electronic Rights” The National Law Journal (October 1996).
  • Co-author, “Defamation Law,” The National Law Journal (July 1995).
  • Co-author, “Legal Tech: Electronic Surrogates Require New Standards,” The New York Law Journal (January 1995).
  • “Outside Counsel: Does Cyberspace Merit a New Legal Order?” The New York Law Journal.
  • “Website Agreements Do Not Wrap Up IP Rights,” The National Law Journal (October 1995).
  • “Fact Gathering: Armed with New Rights, European Databases Will Pose Greater Competition,” Legal Times – Special Report (December 1995).
  • Co-author, “Softmail Insurance: How to Avoid Softmail in Corporate Transactions,” The Metropolitan Corporate Counsel (December 1993).

Awards and Recognition

  • Recipient of 2010 Burton Award for Legal Achievement
  • Recognized in the 2010 edition of The International Who’s Who of Internet, e-Commerce & Data Protection Lawyers, Who’s Who Legal
  • Leading Lawyer, Chambers Global
  • Recommended for Technology, Chambers USA
  • Best Lawyers New York Area (Information Technology), American Lawyer
  • Recognized for comprehensive outsourcing capabilities, Legal 500

Education

  • Columbia Law School, 1985, J.D.
  • University of Chicago, 1976, M.A. (English and American Literature), William Rainey Harper Fellow
  • Carleton College, 1970, B.A., magna cum laude

Bar Admissions

  • New York

Court Admissions

  • All New York state and federal courts