1100 Peachtree Street NE Suite 2800, Atlanta, GA USA 30309
Amanda Witt co-leads both the Cybersecurity, Privacy and Data Governance Practice and the Technology, Privacy & Cybersecurity Team at Kilpatrick. She focuses her practice in the areas of information technology, U.S. and global privacy, AI, IoT, information security, e-commerce, cross-border transactions, outsourcing, licensing and procurement, intellectual property protection and transactions, strategic alliances, commercial transactions, software development and licensing, SaaS services, and electronic signatures.
Amanda has worked with clients in the acquisition and licensing of technology as well as in the provision of services throughout the supply chain. She has assisted clients in various industries in the drafting and negotiation of various technology agreements, including traditional licensing, data use and licensing agreements, software development, hosting agreements, reseller agreements, website co-branding agreements, and website development agreements.
As part of her practice, Amanda helps clients identify, understand and manage privacy and information security risks, including evaluating a client’s obligations under GDPR, CCPA, CPRA, VCPA and CPA, GLBA, COPPA, CAN-SPAM, BIPA, security breach notification laws, other U.S. state and federal privacy and data security requirements, and global data protection laws (including those in the EU, Canada and Latin America). She is also a Certified Information Privacy Professional (CIPP/US) and (CIPP/E), as certified by the International Association of Privacy Professionals (IAPP). She has been appointed to serve as a Co-Chair of the IAPP Atlanta KnowledgeNet chapter (2016-2017), currently serves as the Secretary and Treasurer of the Privacy & Technology Section of the Georgia Bar, and also serves as a Board Member of the International Section of the Georgia Bar.
Along with having a master's degree in international intellectual property from a European university, her practice includes advising clients in connection with international software licensing, global privacy, foreign distributorships and foreign procurement of services.
Prior to joining the firm, Amanda was a partner in the Atlanta office of a national law firm. Her prior experience included the representation of regulated entities in business process and information technology outsourcing transactions.
Amanda was recognized in 2020, 2021, 2022 and 2023 for Privacy and Data Security Law and again in 2024 and 2025 for Information Technology Law, IT Outsourcing Law, Privacy and Data Security Law, and Technology Law by The Best Lawyers in America®. She was listed in the 2021, 2022, 2023 and 2024 editions of Chambers USA: America’s Leading Lawyers for Business and ranked nationally as a “Recognized Practitioner” in the area of Privacy & Data Security. Amanda was also listed in the 2023 and 2024 editions of Chambers Global as a leading Privacy Data & Security lawyer. She was recognized in 2015, 2021, 2022, 2023 and 2024 by Legal 500 US in the area of Outsourcing.
Experience
Ongoing advice and representation of a cloud-based security and interactive home services provider on compliance with privacy and data protection laws in Europe, Australia, Canada and Latin America.
Negotiation of strategic SaaS-related transactions for interactive home provider with global counterparts in Europe, Latin America, Asia, Canada, Israel, Africa and the Middle East.
Strategic U.S. and global privacy counseling for a provider of point-of-sale terminals, ATMs and related software and technology including the largest U.S. network of bitcoin ATMs, cashiers and kiosks.
Ongoing advice and representation of a privacy-protective internet search engine on U.S. and global privacy laws.
Negotiated strategic Infrastructure-as-a-Services transaction with a global insurance conglomerate.
Ongoing advice and representation of a multi-brand restaurant company on U.S. and global privacy laws.
Ongoing advice and representation of global email marketing company on compliance with U.S. privacy laws and European data protection laws.
Represented a metals manufacturer in connection with the negotiation of a multi-tower global information technology outsourcing transaction. In connection with such representation, ensured that adequate protections were in place to protect the privacy and security of client data including, without limitation, requiring the vendor to agree to EU model clauses in connection with the transfer of personal data from the European Union.
Revision of security and privacy provisions in a form of distribution agreement to be used globally by a global logistics provider.
Representation of telecommunications provider in connection with global strategic alliance with a global outsourcer in the development of next-generation technology solutions for enterprise businesses.
Negotiated privacy and security protections on behalf of a global insurance conglomerate, a global logistics company and a global manufacturer in connection with cloud-based CRM and HR solutions for global workforce and customer bases, including review and incorporation of safeguards and bases for data processing and transfer in Asia, Europe and Latin America.
Updated website privacy policy for paper goods manufacturer.
Advised global telecommunications company with respect to Mexican privacy / data protection laws in connection with acquisition of Mexican companies.
Counseling of global insurance provider on various Latin American and European privacy and data protection issues.
Represented natural gas provider in negotiation of agreement with third party marketer with a focus on ensuring compliance with applicable privacy laws and protection of customer data. Such representation included revisions to the client’s privacy policy to account for such third party services.
Assisted cloud-based security services provider in becoming Privacy Shield-certified under the U.S. – E.U. Privacy Shield framework and U.S. – Switzerland Privacy Shield framework.
Revision of security and privacy provisions in a form of distribution agreement to be used globally by the leading global logistics provider.
Represented a metals manufacturer in connection with a multi-tower global information technology outsourcing of its data center, network, helpdesk, contact centers and related information technology services with an aggregate net present value of approximately $6M.
Regular service as global advisory counsel on data storage, processing and transfer issues involving complex connected car and big data initiatives around the world for a large telecommunications, hosting and platform company. Representation including issues under Chinese, Russian, South Korean, Malaysian, Japanese, Thai and Hong Kong laws, as well as under many European and Latin American data protection laws and the laws of Australia, New Zealand and Canada.
Revision of privacy and security exhibit for various service and license agreements on behalf of paper goods manufacturer.
Insights View All
News Releases
Blogs
Contracts & Commercial Agreements
Cybersecurity, Privacy & Data Governance
Catholic University, Leuven, Belgium LL.M. (2004) Intellectual Property Law, magna cum laude
Emory University School of Law J.D. (2000) cum laude, William D. Ferguson Scholar
University of Florida B.A. (1996) magna cum laude, Phi Beta Kappa
Georgia (2000)
The International Association of Privacy Professionals, former KnowledgeNet Co-Chair
State Bar of Georgia, Privacy & Technology Law Section
Chair (2023-Present)
Vice-Chair (2022-2023)
Secretary & Treasurer (2021-2022)
State Bar of Georgia, International Law Section, Board Member
Disclaimer
While we are pleased to have you contact us by telephone, surface mail, electronic mail, or by facsimile transmission, contacting Kilpatrick Townsend & Stockton LLP or any of its attorneys does not create an attorney-client relationship. The formation of an attorney-client relationship requires consideration of multiple factors, including possible conflicts of interest. An attorney-client relationship is formed only when both you and the Firm have agreed to proceed with a defined engagement.
DO NOT CONVEY TO US ANY INFORMATION YOU REGARD AS CONFIDENTIAL UNTIL A FORMAL CLIENT-ATTORNEY RELATIONSHIP HAS BEEN ESTABLISHED.
If you do convey information, you recognize that we may review and disclose the information, and you agree that even if you regard the information as highly confidential and even if it is transmitted in a good faith effort to retain us, such a review does not preclude us from representing another client directly adverse to you, even in a matter where that information could be used against you.