Eric DiIulio

Eric DiIulio is an associate in the firm’s Business Law Department and a member of the firm’s Privacy and Cybersecurity practice. He represents clients in a broad array of privacy and cybersecurity matters and frequently counsels technology companies on how to ensure that novel uses of data comply with various privacy frameworks. Mr. DiIulio has been deeply immersed in the California Consumer Privacy Act (CCPA) since it was drafted, developing broad expertise in assessing whether clients are subject to the CCPA, analyzing whether any “sales” of personal information have occurred and which exceptions to the “sale” rule may apply, negotiating, drafting, and revising commercial agreements to include data use restrictions appropriate to the parties’ roles under the CCPA, preparing rights request response guides, assisting clients with data mapping efforts, and updating privacy policies to include the mandated disclosures.

Mr. Dilulio has significant GDPR counseling experience, including drafting privacy policies, negotiating, drafting, and revising data processing addenda, legitimizing cross-border data transfers, facilitating record-keeping compliance, and preparing responses to data subject rights requests.

Mr. DiIulio has helped several clients satisfy their obligations in the wake of data breaches and also counseled clients on complying with state biometric information privacy laws.

Mr. DiIulio also regularly advises clients on a broad spectrum of privacy issues related to financings, private equity, and M&A transactions.

Prior to joining Goodwin in 2018, Mr. DiIulio was an associate at Sheppard Mullin Richter & Hampton, where he focused on class action defense, privacy litigation, and privacy counseling.