Andrew Gray represents and counsels employers on all aspects of workplace privacy and information security in both the U.S. and internationally, including:
- The California Consumer Privacy Act (CCPA), New York SHIELD Act, Virginia Consumer Data Protection Act, and other state data protection laws
- The EU General Data Protection Regulation (GDPR) and other global data protection laws
- Responding to security breaches in compliance with federal and state data breach notification requirements
- Biometric data privacy issues
- Social media and other new technologies
- Platform privacy policies and terms of use
- “Bring-your-own-device” programs, wearable devices, and other technologies in the workplace
- Background checks and use of criminal history, including under the Fair Credit Reporting Act (FCRA) and state “ban-the-box” laws
- The Health Insurance Portability and Accountability Act (HIPAA) and other health laws
- The Federal Wiretap Act
- Employee surveillance and monitoring, including under the Federal Electronic Communications Privacy Act, and Stored Communications Act
- The Telephone Consumer Protection Act
Andrew writes extensively on subjects relating to workplace privacy and information security. He joined Littler directly out of law school, where he was managing editor of the American Journal of Criminal Law. Andrew is a former NCAA baseball player, and an Eagle Scout.
