Mullen Coughlin, Cybersecurity & Data Privacy

Pre-breach planning
& Compliance
Privacy & Data Security Learn More
Breach Response 24/7 Crisis Management Services Learn More Litigation Defense Single-Plaintiff or Class Action Litigation Learn More Regulatory
Investigation
& Management
Cybersecurity and Data Protection Learn More

Cybersecurity & Data Privacy

Mullen Coughlin LLC is a law firm uniquely dedicated exclusively to representing organizations facing data privacy events, information security incidents, and the need to address these risks before a crisis hits. Founded by John Mullen, Jennifer Coughlin, Jim Prendergast, and Chris DiIenno, our team of accessible and motivated attorneys have handled thousands of events and possess experience and talent in data breach response, regulatory investigation defense, pre-breach planning and compliance, and privacy and security litigation defense unmatched in the industry.

Meet Our Team

  • Richard J. Aponte-Boyd Partner
    (267) 930-4888

    Richard Aponte-Boyd, a Partner at Mullen Coughlin, focuses his practice on data privacy and security incident response. Working with organizations […]

    Read More
  • George Chaisty Partner
    +44 (20) 8152 2178 | U.S. Office: +1 (267) 930-4392

    George Chaisty is a Partner with Mullen Coughlin UK (MC UK) based in London. He focuses his practice on data […]

    Read More
  • MaryEllen T. Conroy Partner
    (267) 930-4582

    MaryEllen Conroy is a Partner in Mullen Coughlin’s Litigation practice. With over 30 years of experience in U.S. state and […]

    Read More
  • Jennifer A. Coughlin Partner & Managing Member
    (267) 930-4774

    Jennifer A. Coughlin is a Founding Partner of Mullen Coughlin and its Managing Member, guiding the Firm in its commitment […]

    Read More
  • Ambre Rae Cross Partner
    (267) 930-1316

    Ambre Cross is a Partner with Mullen Coughlin UK (MC UK) and a key member of the Firm’s regional Incident […]

    Read More
  • C DiIenno Christopher J. DiIenno Partner
    (267) 930-4775

    Christopher Dilenno is a Founding Partner of Mullen Coughlin, focusing his practice on assisting organizations as they respond to, and […]

    Read More
  • Elizabeth R. Dill Partner & Co-Chair, Advisory Compliance
    (267) 930-5327

    Elizabeth (Liz) Dill, CIPP/US is a Partner at Mullen Coughlin, located in Richmond, Virginia. She focuses her practice on counseling […]

    Read More
  • Kevin E. Dolan Partner & Co-Chair, Advisory Compliance
    (267) 930-4861

    Kevin E. Dolan is a Partner at Mullen Coughlin and Co-Chair of the Firm’s Advisory Compliance practice group. As Co-Chair, […]

    Read More
  • Kevin M. Farrell Partner
    (267) 930-4691

    Kevin Farrell is a Partner at Mullen Coughlin. He represents organizations, particularly in the healthcare and life sciences industry, through […]

    Read More
  • Edward J. Finn Partner
    (267) 930-4776

    A Partner at Mullen Coughlin, Ed Finn assists organizations of all sizes with ensuring compliance with a wide variety of […]

    Read More

Firm News & Events

CA Senate Bill 690 Amendments

Yesterday afternoon, July 1, 2026, the California Assembly Committee on Privacy and Consumer Protection passed an amended version of Senate Bill 690, paving the way for significant CIPA reform upon passage of the bill into law later this year. The newly amended bill passed in committee is currently limited to addressing liability under California Penal Code Section 638.51, known as the pen register / trap and trace provision.

As amended, SB690 would restrict CIPA’s private right of action under California Penal Code Section 637.2 so that only the Attorney General could bring actions against persons or entities under Section 638.51 when based on “an internet website, online application, or mobile application.” On its effective date, SB690 will also apply retroactively to any pending claim brought under Section 638.51 filed within the prior two years. 

As currently drafted, SB690 is set to become effective as of January 1, 2027, and would cover all pending claims under Section 638.51 filed on or after January 1, 2025.

A broad coalition appeared at the committee hearing to voice their support for SB690. Committee member comments at the hearing indicated that further amendments aimed at curbing other CIPA litigation being pursued by private persons may be considered and added to the bill before the August 31, 2026 deadline for the entire Assembly and Senate to pass SB690 through a floor vote. Further amendments may address claims brought under CIPA Section 631(a), known as the wiretapping provision. Following passage by floor vote, unless signed into law earlier or vetoed by Governor Gavin Newsom, SB690 will become law on September 30, 2026.

Key Takeaways:

– The amendment eliminates a private right of action under the pen register / trap and trace provision (Section 638.51).
– The amendment would retroactively apply to claims filed within the two years prior to the effective date. As currently drafted, the amendment would become effective January 1, 2027, and would retroactively apply to any claims filed on or after January 1, 2025.
– Legislative momentum and a recognition of need for further change appears strong, with broad support and indications that additional amendments—potentially addressing the wiretapping provision under Section 631(a)—may be introduced before final passage. 

Businesses should continue to monitor developments closely and assess their risk exposure, particularly with respect to website tracking and communication technologies. For additional information, please contact Kevin Dolan () and Jim Monagle ().

Read More

Mullen Coughlin UK Bolsters Partnership With Addition of Ambre Cross as Partner

Mullen Coughlin LLC continues its strategic growth by bolstering its international Incident Response (IR) practice with experienced attorney Ambre Cross as Partner in its London office.

“I am delighted to join Mullen Coughlin as a Partner. The Firm’s achievements in the UK cyber market to date, in terms of growth and reputation, are nothing short of remarkable. It is an incredibly exciting time for Mullen Coughlin, and I look forward to contributing to the Firm’s continued strategic growth in the UK,” said Ambre.

As Breach Counsel, Ambre is often called upon to advise on diverse and complex notification and regulatory obligations stemming from a wide range of data privacy and security incidents across the UK, EU, and other international jurisdictions. In addition to her IR practice, Ambre defends organizations in technical and diverse class action, single-plaintiff, and B2B litigation against claims relating to data privacy, protection, and security, as well as represents them in regulatory investigations. She routinely interacts, on behalf of her clients, with numerous UK-based regulatory agencies including the Information Commissioner’s Office (ICO), Financial Conduct Authority (FCA), the Solicitors Regulation Authority (SRA), and the Charity Commission.

Ambre is recognized by Legal 500 UK for her “knowledge and expertise” in highly-specialized areas of law, including cyber law, and she is often invited to speak at national and international conferences on cyber risk.

“I am thrilled to welcome Amber to the team,” said MC UK Managing Partner Cameron Carr. “I know the caliber of lawyer and colleague she is – she combines excellent judgment with a pragmatic, client-focused approach, and I am delighted that she has chosen to join us.”

“Ambre embodies the qualities that have fueled Mullen Coughlin’s growth from the very beginning – sound judgment based in unrivaled experience and an unwavering commitment to client service,” Mullen Coughlin Managing Member Jennifer A. Coughlin adds. “As the cyber landscape continues to evolve, the addition of talent like Ambre’s to our peerless team of skilled attorneys is essential to the Firm’s success. We welcome Ambre to the Firm.”

Read More

Cyber Liability Claims Trends

As part of the IRMI’s free webinar series, Mullen Coughlin Partner Carolyn Purwin Ryan joins Kirsten Mickelson from Gallagher Bassett on the webinar, “Cyber Liability Claims Trends,” on July 21.

Designed for insurance, IT, and other risk management professionals, this presentation provides attendees with valuable insights into today’s cyber risk landscape and the related financial, legal, and operational consequences of data privacy and security incidents. Carolyn provides the latest trends in cyber liability claims such as emerging threats and common vulnerabilities, and best practices to mitigate cyber risk, enhance cybersecurity resilience, and understand cyber insurance.

Learn more and register to attend here.

Read More

© Mullen Coughlin. Attorney Advertising Notice: Information contained in this Web site may be considered attorney advertising. The material and information contained on these pages is intended to provide general information only and not legal advice. You should consult with an attorney licensed to practice in your jurisdiction before relying upon any of the information presented here. You are advised that the acts of sending e-mail to or view or downloading information from this website does not create an attorney-client relationship. Disclaimer | Sitemap