Skip to main content

Twenty-Second Annual Institute on Privacy and Cybersecurity Law

Speaker(s): Alex Iftimie, Christine E. Lyon, Elvis M. Chan, Eric Goldman, Flora J. Garcia, Francoise Gilbert, Harvey Jang, Hilary M. Wandall, James G. Snell, Kathryn J. Fritz, Lara Kehoe Hoffman, Leonard Hawkes, Lothar Determann, Maneesha Mithal, Margaret A. Keane, Maureen A. Young, Melissa Bishop, Melody Hildebrandt, Merri A. Baldwin, Michelle Visser, Nicholas Murray, Polina Zvyagina, Raffaele Zallone, Rebecca S. Engrav, Ron De Jesus, Sandra Joyce, Sara Cable, Scott A. Kamber, Shiv Sankar, Stacey D. Schesser, Will DeVries
Recorded on: May. 3, 2021
PLI Program #: 303176

Alex Iftimie is co-chair of Morrison & Foerster’s Global Risk and Crisis Management group and routinely advises Fortune 500 and high-growth clients on all aspects of breach preparedness and response, including counseling executives on cybersecurity governance and risk management, and responding to cyber incidents ranging from ransomware attacks to nation-state sponsored economic espionage. Drawing on his experience at the National Security Division of the U.S. Department of Justice, Alex also advises global entities on legal obligations related to the Foreign Agents Registration Act (FARA); foreign investment transactions before the Committee on Foreign Investment in the United States (CFIUS); and laws related to material support to terrorism, sanctions, and export controls.

Prior to joining Morrison & Foerster, Alex held multiple senior positions at the DOJ, including Counselor to the Attorney General, Deputy Chief of Staff and Counsel to the Assistant Attorney General for National Security, and Special Assistant United States Attorney in the Eastern District of Virginia. Throughout his time at DOJ, he advised the Department leadership on national security, intelligence and cyber matters, including policy and legal issues arising in the National Security Council process, CFIUS matters, complex issues involving FARA, and engagements with non-U.S. officials. He also represented the Department on the Export Control Reform Initiative that sought to strengthen national security and the competitiveness of key U.S. manufacturing and technology sectors, and before the Foreign Intelligence Surveillance Court on issues involving novel questions at the intersection of law and technology. Most recently, as a prosecutor in the National Security and Cybercrime Units of the U.S. Attorney’s Office for the Eastern District of Virginia, Alex brought the Department’s charges against Russian efforts to interfere in the 2018 midterm elections. During his time at the U.S. Attorney’s Office, he also investigated, and/or prosecuted, federal crimes ranging from espionage, trade secret theft, and national security cyber matters, to fraud, firearm, and drug offenses.

Christine Lyon is a partner in Morrison & Foerster’s Privacy + Data Security practice.  Chris helps companies develop privacy and data protection strategies for new products and services, as well as privacy compliance programs for their customer and employee data. A trusted advisor, Chris works collaboratively with her clients to develop practical approaches that leverage data while complying with evolving global privacy and data protection laws.

Based in Silicon Valley, Chris’ clients span various industries for which data are vital to operations or business models, including technology service providers, hardware and software companies, pharmaceutical and biotechnology companies, and consumer product manufacturers.  She has extensive experience navigating privacy risks from design through production and beyond, regularly counseling startups and large multinationals alike throughout the lifespans of their products and services.  Chris has particularly extensive experience advising technology companies on building privacy protections into cutting-edge offerings including connected products and services (Internet of Things), artificial intelligence (AI) and data analytics, and cloud-based services, as well as on managing the related “Big Data” implications.  She also frequently conducts privacy assessments of new products and services and helps clients structure and negotiate the privacy aspects of M&A and other strategic transactions to both achieve compliance and manage data risks.

By addressing emerging data protection laws, including the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), Chris helps clients achieve efficiency and cross-jurisdictional coordination in their privacy programs. Chris also has experience implementing a variety of mechanisms to facilitate international data flows and transfers, including EU Binding Corporate Rules, Privacy Shield certification, and international data transfer agreements. She has coordinated projects spanning privacy law requirements in dozens of countries, consolidating this information into practical, actionable privacy programs for clients.

Legal500 US has recognized Chris as a “rising star” in the area of privacy and data protection, and she has received The Burton Award for Distinguished Legal Writing.  She frequently writes and speaks on U.S. and global data protection laws, particularly on technology-related privacy issues.

Flora J. Garcia discovered privacy law one snowy night in law school when she read the case of Bodil Lindqvist, a Swedish woman who was the first person charged with violating the EU Privacy Directive.  Flora recently joined Wayfair as Data Protection leader. Previously, she was McAfee’s Global Chief Privacy Officer and Information Security Attorney, after stints at MUFG Union Bank and magazine publisher Time Inc. 

Flora is a graduate of the evening program at Fordham Law School, the University of North Carolina at Chapel Hill’s Journalism School, and Duke University, where she majored in computer science and economics.  Flora is an IAPP Fellow of Information Privacy and holds the CIPP/US, CIPP/IT, and CISSP certifications.  

Francoise Gilbert, CEO of DataMinding, is one the world’s top legal experts in the areas of privacy and data security compliance, data governance, and risk management. She is the primary author and editor of the law treatise "Global Privacy and Security Law" (2 volumes, 4, 000 pages; Wolters Kluwer publisher) which covers in depth the privacy and data protection laws of 68 countries on all continents.

Ms. Gilbert received the 2019 Vanguard Award (California Lawyers Association) in recognition of her pioneering work in the area of data privacy and security law.  She has received numerous accolades from her peers acknowledging her thought leadership in identifying and addressing the unique privacy and data security legal issues raised by emerging technologies, including recognitions by the National Law Journal as “Privacy & Cybersecurity Trailblazer”, and by Best Lawyers as a “San Francisco Best Lawyer of the Year” in the area of Data Protection. She currently focuses her research and analysis on the myriad privacy, security and ethical issues raised by the use of Artificial Intelligence (AI) and Internet of Things (IoT) technologies.

In her private practice, she assists clients in anticipating their data security, privacy, and information management obligations, and in addressing these obligations in the context of their business and revenue objectives. Projects include, among others, framing and designing disclosures and compliance programs to meet the most recent legal developments, such as the California Consumer Protection Act (CCPA), or the European General Data Protection Regulation (GDPR); structuring Data Protection by Design and by Default processes in the development of new products; or implementing practical structures to address global operations and cross-border data transfer restrictions.

Harvey Jang is Vice President and Chief Privacy Officer at Cisco responsible for the company’s global privacy strategy and vision. In this role, he leads a global team of privacy professionals, lawyers, and engineers that develop and orchestrate Cisco privacy policies and standards; privacy engineering, innovation, and insights; and compliance capabilities, certifications, and accountability frameworks. Harvey and his team represent Cisco with regulators, standards bodies, non-governmental organizations (NGOs), media, and customers on issues related to privacy, information governance, and data ethics. 

Prior to joining Cisco, Harvey was Senior Director of Legal Affairs for McAfee, a part of Intel Security, where he was lead counsel for privacy, security, marketing, consumer protection, and antitrust. In this role, he worked closely with engineers and product teams to develop and implement data protection policies and practices, design privacy enhancing products and functionality, and manage legal compliance. Previously, Harvey was the Director of Privacy and Information Management and Chief Privacy & Security Counsel for HP; Senior Compliance Counsel for Symantec; and Litigation Counsel with O’Melveny & Myers LLP and Gibson Dunn & Crutcher LLP.

Harvey serves on the Research Advisory Board of the International Association of Privacy Professionals (IAPP); is an instructor for the IAPP’s privacy credentials (CIPP/US, CIPP/Europe, and CIP/Technologist); and is on the Advisory Council of the Centre for Information Policy Leadership (CIPL). He is also a frequent speaker on a variety of topics related to privacy, security, and information governance.

Harvey earned his B.A. from the University of California, Los Angeles, and his J.D. from the University of California, Hastings College of the Law. He is also a Certified Information Privacy Professional and Fellow of Information Privacy by IAPP, Certified Information Security Manager by the Information Systems Audit and Control Association (ISACA), and Certified Information Professional by the Association for Information and Image Management (AIIM).

Hilary Wandall is General Counsel, Corporate Secretary and Chief Data Governance Officer of TrustArc Inc.  She oversees all legal, regulatory and policy and strategic partnership matters and manages the legal, policy and data governance, regulatory affairs and business development teams.  She also serves as President of the certification subsidiary, TRUSTe LLC.  Hilary joined TrustArc in 2016 after 22 years at the global pharmaceutical company, Merck, where she most recently was AVP, Compliance and Chief Privacy Officer.  Hilary led the global privacy program at Merck since 2004 and the global compliance program for the Merck Animal Health business since 2013.  During her tenure at Merck, Hilary also held positions as corporate attorney, marketing promotion manager and biomedical research scientist.

Hilary is actively engaged in efforts to support the development of the privacy profession, to drive interoperability across privacy and data protection regimes around the world, and to scale and integrate privacy and data governance through technology.  She recently has co-authored multiple articles on cross-jurisdictional privacy interoperability.  She has been involved in various organizations across the privacy and legal communities, including the Executive Committee of the IAPP Board of Directors and 2016 IAPP Board Chairman, Chair of the Board of the International Pharmaceutical Privacy Consortium, member of the OECD Privacy Experts Working Group, Executive Committee of the Board of Trustees of the International Accountability Foundation, Advisory Board of the Future of Privacy Forum, Steering Committee of the Centre for Information Policy Leadership, and the Advisory Board of the Temple Law Center for Compliance and Ethics.

Hilary received her law degree and MBA from Temple University, Master of Bioethics from the University of Pennsylvania, and Bachelor of Science in Biology from Moravian College. She holds the CIPP/US, CIPP/EU and CIPM certifications.  She is also a Fellow of Information Privacy.  She is admitted to practice law in New Jersey and Pennsylvania.  She resides with her family in Pennsylvania.

Jim Snell is a partner in the Privacy & Security Group at Perkins Coie.  He represents clients in a broad range of complex commercial matters, including Internet and privacy issues, security issues, IP, false advertising, and class actions.  Jim’s experience includes, among other things, IoT, unmanned vehicles, wiretap and surveillance matters, AI and machine learning, the Communications Decency Act, biometrics, web scraping, data breach, and the Telephone Consumer Protection Act.

Jim is a Certified Information Privacy Professional (CIPP) as designated by the International Association of Privacy Professionals (IAPP).

Lara Kehoe Hoffman is Vice President, Data Privacy and Security (Legal) and Global Data Protection Officer at Netflix, a global streaming entertainment service available in over 190 countries. Lara joined Netflix in January 2015, bringing with her a passion for building and improving data protection programs, and promoting a pro-privacy culture. Lara has domain expertise in GDPR, information management, education and kids privacy, among other areas.

In her legal career Lara has represented a diverse array of clients from start-ups to multinationals in businesses ranging from technology to retail to toys. In her personal time Lara tends to three teenagers and two cats, and watches a lot of shows and movies (which means lap time for happy cats).

Lara attended the University of San Diego, School of Law and has a degree in Comparative Literature from Yale.

Lothar Determann practices and teaches international data privacy, technology, commercial and intellectual property law.

At Baker McKenzie in San Francisco and Palo Alto, he has been counseling companies since 1998 on data privacy law compliance and taking products and business models international. Admitted to practice in California and Germany, he has been recognized as one of the top 10 Copyright At-torneys and Top 25 Intellectual Property Attorneys in California by the San Francisco & Los An-geles Daily Journal and as a leading lawyer by Chambers, Legal 500, IAM and others. For more information see Contact:

Prof. Dr. Determann has been a member of the Association of German Public Law Professors since 1999 and teaches Data Privacy Law, Computer Law and Internet Law at Freie Universität Berlin (since 1994), University of California, Berkeley School of Law (since 2004), Hastings Col-lege of the Law (since 2010), Stanford Law School (2011) and University of San Francisco School of Law (2000-2005). He has authored more than 150 articles and treatise contributions as well as 5 books, including Determann’s Field Guide to Data Privacy Law (4th Edition, 2020, also available in Chinese, German, Hungarian, Japanese, Portuguese, Russian, Spanish and Turkish) and Cali-fornia Privacy Law - Practical Guide and Commentary on U.S. Federal and California Law (4th Ed. 2020).

Recent papers include Healthy Data Protection (, Electronic Form over Substance (, No One Owns Data (

Maureen A. Young is Senior Regulatory Counsel and Senior Vice President at Bank of the West, a member of the BNP Paribas Group.  She advises on a wide range of financial services regulatory, data privacy and security, compliance, examination, enforcement and corporate governance matters, as well as regulatory strategy and policy issues.  She supports major business initiatives involving the Bank and its U.S. and global BNP Paribas affiliates, including innovation and fintech projects.  She is a Certified Information Privacy Professional (CIPP/US), International Association of Privacy Professionals (IAPP).

Prior to joining Bank of the West in 2016, Maureen was Managing Director and Associate General Counsel at MUFG Union Bank, serving as a lead lawyer on key regulatory and implementation projects and as lead privacy counsel to the Privacy and Information Security team. The strategic projects she supported included strategy for and formation of a U.S. intermediate holding company as required by the Federal Reserve’s Enhanced Prudential Standards regulations. She also served as legal centerpost on a major business integration consolidating the U.S. workforce under one legal entity and integrating business line management and operations across MUFG’s legal entities in the Americas.

Maureen was previously a partner at a large international law firm, where she was a member of the Financial Institutions Corporate and Regulatory Group, Commercial Technology Group, and was Co-Chair and Co-Founder of the firm’s Privacy and Security Group. Before joining the firm in 2003, Maureen was Assistant General Counsel in Bank of America’s Legal Department, Regulatory and Corporate Services Group.

Maureen is well-established in the California and national banking and financial services industry. She is a member of the Board of Directors of the Financial Women of San Francisco, currently serving as Co-Chair of the Programs Committee.  She is a past Chair of the American Bar Association Banking Law Committee, as well as a past Chair of the Financial Institutions Committee of the California Lawyers Association and past President of the San Francisco Bank Attorneys Association.  She organizes presentations and speaks regularly to financial and professional organizations.

She received her J.D. from University of California at Berkeley, School of Law, her Ph.D. and M.A. in Jurisprudence and Social Policy from University of California at Berkeley, and her A.B. (magna cum laude, Phi Beta Kappa) from Georgetown University.

Melissa Bishop is a seasoned information security governance, risk management and compliance professional who has helped build security programs and teams at multiple organizations. Her career experience spanning Deloitte, Autodesk and Uber provides her with valuable understanding of cyber security threats and the management processes and solutions to mitigate them. 

Melissa is currently the Deputy CISO and Head of Security Assurance within Uber’s Engineering Security organization, responsible for information security governance, compliance and risk management. Melissa has first hand knowledge of the range of challenges that face companies when attempting to build and operate right-sized security programs that address the ever-evolving threat landscape. Melissa is CISA, CISM, CRISC and CISSP certified.

Melody Hildebrandt is Executive Vice President, Consumer Products and Engineering at FOX. She runs product and engineering for all digital experiences across web, mobile, and living room applications within the FOX brands including Fox Sports, Fox News, Fox Television Stations, and Fox Broadcasting Corporation. She is also the group Chief Information Security Officer, responsible for the cyber security posture of the business as well as the Executive Sponsor of Fox Women in Technology.

Prior to this, she was the Global Chief Information Security Officer at 21st Century Fox where she was responsible for the cyber security posture of 21CF businesses including 20th Century Fox, Fox Networks Group, National Geographic Partners, Fox News, Star India and others.  Before joining 21CF, she was an executive vice president of Palantir Technologies. An early employee of the company, she led Palantir’s work in cyber security, anti money laundering, and regulatory response. Prior to that, she consulted to US and international governments with Booz Allen Hamilton where she designed military and strategy wargames.

Merri Baldwin is a shareholder at Rogers Joseph O’Donnell, where her practice focuses on attorney liability and commercial litigation.  She handles claims of legal malpractice and breach of fiduciary duty, as well as motions to disqualify and for sanctions.  She regularly counsels lawyers and law firms on legal ethics and law practice management issues.  She represents attorneys in disciplinary matters before the State Bar of California, and has extensive experience handling attorney-client fee disputes.  Ms. Baldwin is a Vice-Chair of the State Bar of California’s Closing the Justice Gap Working Group.  Ms. Baldwin is a former chair of the State Bar of California Committee on Professional Responsibility and Conduct, and is currently a member of the California Lawyers Association Ethics Committee.  She is a co-chair of the Legal Malpractice subcommittee for the American Bar Association Litigation Section Committee on Professional Services Litigation.  Ms. Baldwin served as the President of the Bar Association of San Francisco for 2017.  Ms. Baldwin frequently lectures to attorneys and professional organizations on issues related to litigation, legal malpractice and ethics issues, and she is a lecturer at the University of California at Berkeley School of Law.  Ms. Baldwin co-edited The Law of Lawyers’ Liability (ABA/First Chair Press 2012) and since 2006 she has served as a consulting editor for the Attorney Fee Agreement Forms Manual, published by Continuing Education of the Bar, California.  Prior to law school, Ms. Baldwin was a Fulbright Scholar at the London School of Economics.


J.D., University of California at Berkeley, School of Law (Boalt Hall)

B.A., Smith College, Magna Cum Laude with high honors

Michelle Visser has extensive experience in defending companies that face the regulatory investigations, class action litigation, and payment card brand claims that frequently follow the announcement of cybersecurity incidents. In addition to litigating privacy and cybersecurity matters, Michelle has navigated numerous companies through their cybersecurity response, including by overseeing technical forensic investigations, advising on notification obligations and coordinating communication strategies.

When faced with an incident, companies call Michelle for crisis response with an eye toward potential litigation. Clients also look to Michelle for privacy and cybersecurity advice before a crisis is at hand. Michelle regularly takes the lessons learned from litigating privacy and cybersecurity matters to provide clients with proactive advice on how to structure their privacy and cybersecurity programs and incident response plans in ways designed to reduce legal exposure.

For her role in representing companies that have faced some of the most high-profile cybersecurity incidents and litigation to date, Michelle was named one of the “40 Under 40” in 2018 by the Global Data Review and a “Rising Star” by Law360 in 2015. She was also recognized as one of the “Women Leaders in Technology Law” by The San Francisco Recorder in 2015.

Michelle is also regularly turned to for defense against other types of class actions and complex litigation with experience in defending companies against securities, antitrust, and other commercial claims.

Professional Experience

Leonard Hawkes has practiced EU, International and English law from Brussels since 1984. Apart from data privacy, commercial law advice and drafting contracts, his practice includes dispute resolution regarding competition law (anti-trust). Len advises on international trade, EU energy law & regulation and comparative contract law. He qualified as a European Mediator in 2016.

Originally practicing law as a barrister, Len re-qualified as a solicitor in 1993 and became the Brussels Partner of a City of London firm of solicitors. Subsequently he became European Counsel in Brussels & London to a major, NY headquartered, US law firm. Leonard is Of Counsel at and is the firm’s Data Protection Officer.


  • University of Kent BA (Hons.) Law, 1979
  • Barrister at Law – Inns of Court School of Law, 1980
  • Solicitor of the Senior Courts of England and Wales, 1993

Membership and Activities

  • Member of the ‘Privacy and Rights of the Digital Person’ & ‘Mediation and Conflict Prevention’ Commissions of the Union Internationale des Avocats (UIA).
  • Registered as a European lawyer with the Brussels Bar (OBFG) since 1984.
  • Member of the UK Association for European Law (UKAEL).

    Recent Publications/Speeches

    Electronic Commerce, Social Media and Franchising, Franchise Practice Guide (Editor P.F. Zeidman) LBR London 2021 edition forthcoming (Co-author with B. Simpelaere).

    UK National Rapporteur on the ‘New EU Data Protection Regime’, for the 2021 FIDE (Fédération Internationale du Droit Europèen) Conference, the Hague November 2021.

    B2B Trading practices and competition in the EU Food Supply Chain - Choice – Innovation – Buying Alliances – Private Labels: (Larcier, 2017 in ‘La Distribution Commerciale/Commercial Distribution’).

    Recent Lectures:

  • What work is the ICO preparing on AI and Why?’ & ‘An update on GDPR and Brexit’ for the UIA Annual Congress | November 2019 | Luxembourg.
  • Co-organiser with the Law Societies’ Joint EU Office of ‘Implementing Brexit
    A Rule Of Law Perspective
    ’, European Parliament Brussels, December 2018. Presentation: ‘Brexit: Impact on the Protection of Personal Data’.
  • Direct Marketing & AI, Impact of the General Data Protection Regulation (GDPR) for the UIA Annual Congress | 31st October 2018 | Porto

Rebecca Engrav defends companies facing high-stakes legal proceedings regarding privacy, data breaches and security measures, online advertising, user-generated content, children’s privacy, geolocation information, right of publicity, privacy torts, and artificial intelligence and automated decision-making.

Rebecca has defended cutting-edge technology companies ranging from start-ups to Fortune 50 companies in response to government investigations brought by the Federal Trade Commission (FTC), state attorneys general, and foreign privacy regulators.  She has led incident response for high-profile data security incidents and breaches, and she has handled over 30 FTC investigations on privacy and security topics.  Most resulted in successful closure with no enforcement action, but she also has negotiated and resolved several through consent orders with the agency, including helping companies build and maintain compliance programs and obtain assessments.  State attorneys general play an increasingly important role in privacy and security matters and for over a decade, Rebecca has handled privacy and data security investigations brought by state attorneys general, including all 50 states.  She has developed long-term relationships and understanding of the unique dynamics in state AG practice.

Rebecca also represents companies in private party litigation in these same topic areas, including class actions.  She has represented companies such as Blue Nile, Google, and Zillow in litigation matters.  She has represented several companies in B2B disputes arising out of data breaches.

Rebecca also assists companies to proactively manage risk and develop compliant privacy and data security programs and practices through counseling on privacy and security questions, developing and implementing data security policies and privacy programs, and reviewing user notice and consent practices.

Ron De Jesus is the Head of Global Privacy at Grindr, the world’s largest social networking app for the LGBTQ+ community, and founder and CEO of De Jesus Consulting, a boutique privacy consulting firm specializing in privacy program and privacy strategy development, controls implementation, and privacy assessments and reviews.

Previously, Ron led the privacy function at Tinder, where he was responsible for developing and operationalizing the company’s GDPR strategy.  Ron later served as Privacy Program Manager for all North American brands owned and operated by Match Group, Inc., including Tinder, PlentyOfFish, OKCupid,, and Hinge.

Prior to Tinder, Ron served as the Global Privacy Director for Tapestry, Inc., based in New York, where he developed its global privacy program and managed privacy compliance efforts for all its brands (including Coach, Stuart Weitzman, and Kate Spade).

In 2013, Ron helped establish PwC's Data Protection & Privacy Practice in New York, where he led privacy engagements globally. Prior to PwC, he consulted with Deloitte, where he designed functional privacy controls and managed company registrations with EU authorities. In his early career, Ron consulted for Anzen, Inc., a boutique data privacy firm based in Toronto where he led numerous privacy impact assessments for large health IT system implementations across Canada.

Ron has also served as Privacy Director for American Express's Global Network Services (GNS), where he developed the business unit's privacy policy, developed its Privacy by Design program, led its strategy to comply with the EU e-Privacy Directive and served on the Amex Privacy Board.

Ron sits on the IAPP Publications Board, co-authored the latest Certified Information Privacy Manager (CIPM) textbook, and is a former CIPT Exam Development Board member. He previously co-chaired the Los Angeles IAPP KnowledgeNet and New York IAPP KnowledgeNet chapters, and is a regular contributor to the IAPP Privacy Advisor. Ron is also an IAPP Training Partner and Faculty Member, and delivers both IAPP-approved and IAPP-sponsored trainings.

Sara Cable is the Chief of the Data Privacy and Security Division and an Assistant Attorney General for the Massachusetts Attorney General’s Office. Sara leads the Office’s cybersecurity and consumer privacy protection efforts, overseeing an active docket of investigation and enforcement matters under the Massachusetts consumer protection and data protection laws.  Under her direction, Sara’s team reviews all data security incidents reported to the office under the Massachusetts data breach notice law and has conducted hundreds of investigations into cybersecurity and consumer data privacy incidents involving all sectors of the economy.  Prior to her current role, Sara was an Assistant Attorney General with the Consumer Protection Division of the Massachusetts where she investigated and prosecuted violations of the Massachusetts Consumer Protection Act.  Before her appointment as Assistant Attorney General in 2011, Ms. Cable was a litigation associate at Bingham McCutchen LLP, where she litigated commercial disputes featuring unfair trade practice, antitrust, and intellectual property claims. She received a Bachelor of Arts magna cum laude from Harvard University and a Juris Doctorate magna cum laude from the University of California, Hastings College of the Law.

Scott A. Kamber is the founding member of KamberLaw, the leading plaintiffs’ firm to focus on individual rights in the digital age.  Serving a global client base with lawyers across the United States, Mr. Kamber has led the successful resolution of dozens of high–impact litigations, including Lane v. Facebook, In re Hill’s Pet Nutrition, In re Blue BuffaloLane v. Facebook and in re Flash cookies. Currently, Mr. Kamber leads numerous litigations arising from various web technologies, wrongful use of deep packet inspection technologies, web-centric violations of Lanham Act, website accessibility and the rights of children on the internet. Mr. Kamber and his firm also apply their expertise in technology through advisory work on behalf of companies committed to distributed technology ledger technology, including blockchain.

Mr. Kamber’s efforts in Internet privacy rights began in the 1990s when he resolved what is believed to be the first Internet privacy case to recover a benefit for impacted class members. His interest in consumer rights and technology extends to new media, and he has led standard-setting litigations and resolutions involving digital rights management software for computer software, video games, and music. Mr. Kamber is a frequent speaker on these issues in the United States and abroad. Of note, he was a keynote speaker for the IAPP annual conference and a panelist at the International Conference of Data Protection and Privacy Commissioners where he spoke on the topic of coordinating private class actions with government enforcement. 

Mr. Kamber graduated cum laude from the University of California Hastings College of the Law in 1991 where he was Order of the Coif, Articles Editor for the Hastings Constitutional Law Quarterly and a member of the Moot Court Board. He graduated with University and Departmental Honors from The Johns Hopkins University in 1986. He is admitted to practice before the United States Supreme Court, the State of Colorado, New York, Missouri and the District of Columbia, as well as the United States Courts of Appeals for the Second, Eighth and Ninth Circuits, and numerous United States District Courts. Mr. Kamber is based in Colorado.


Will DeVries is Senior Privacy Counsel for Google, advising Google on global data protection compliance and product development. His work covers a broad swath of privacy issues, with special focus on online advertising, EU regulation, children’s privacy, and harmonization of global data protection rules. He previously worked for Google in Washington, DC as Policy Counsel on regulatory and legislative issues ranging from social networking to online advertising to government access to user data.

Prior to Google, Will taught Information Privacy Law and E-commerce Law at the George Washington University Law School from 2007 to 2010, and has lectured to students at Stanford University, the University of California, and elsewhere. From 2004 to 2010, Will also worked in the Communications, Privacy and Information Law group at WilmerHale LLP. He is a graduate of Princeton University and the University of California, Berkeley School of Law.

After serving in several executive positions in IBM Raffaele Zallone, formerly General Counsel for IBM Italy, in 1997 has founded Studio Legale Zallone, a niche law firm highly specialized in IT and new technologies. ( 

The activity of the firm has more recently concentrated in IT contract, Privacy and Robotics. In 2003 R. Zallone has been professor of Communication Law at the State University of Milano and in 2004 he has been appointed as professor of IT law at the Bocconi University in Milano. He is presently acting as DPO for several customers, in many diversified sectors: retail and distribution, manufacturing, hospitality services, transport, financial firms.

Raffaele Zallone is a lecturer in courses and seminars in Italy and abroad. Among others R. Zallone has been a speaker at the following: Stanford University, 2011 Spring AAAI Simposium ; University of Santa Clara Law School, 2013, High Technology Institute; University of Miami Law School, We Robots 2016, Connected cars; 2017, Court of Appeals of Milano, European Day of Justice and law; February 2017, University of Pavia, Self driving cars; July 2019, University of Turin, AEIT,  Autonomous cars and the GDPR

Raffaele Zallone is the author of several books and articles on IT, Data Privacy and robotics. He is presently in the Executive Committee of Lexing, the first international network of Law firms specializing in IT, privacy and new technologies

As EVP and Head of Global Intelligence at Mandiant, Sandra oversees intelligence collection, research, analysis and support services for threat intelligence customers and the Mandiant security product portfolio. Sandra has held positions in product management, business development and intelligence research over the course of over 23 years in both national security and commercial industry.

Sandra serves in the US Air Force Reserve and is a faculty member at the National Intelligence University.

She is completing her MBA at MIT and holds a bachelor’s degree in German with four master’s degrees in cyber-policy, international affairs, science and technology intelligence, and military operational art and science. Sandra speaks English, Spanish and German and lives in Virginia.

Kate is a partner Fenwick’s litigation, intellectual property and privacy groups, and recently completed a 12-year term as the firm’s managing partner.

Kate’s practice concentrates on business and IP litigation, with an emphasis on trademark, right of publicity and copyright, especially as applied to new technology areas. She has successfully litigated cases in federal and state courts throughout the country and through alternative dispute mechanisms. She represents and advises software publishers, computer hardware manufacturers, gaming and digital media companies, entertainment companies, traditional media publishers and consumer products companies on a wide variety of commercial and IP issues, including copyright, defamation, trademark, trade dress, advertising, right of publicity, trade secret and unfair competition matters.

Kate received her B.A., magna cum laude, from the University of California at Santa Barbara, where she was a member of Phi Beta Kappa and a University of California Regents’ Scholar. She received her J.D., cum laude, in from Georgetown University Law Center, where she was research editor of the American Criminal Law Review.

Kate is admitted to practice in New York and California. She is also admitted to practice before the U.S. District Courts for the Southern and Eastern Districts of New York, and the Northern, Eastern, Central and Southern Districts of California, as well as U.S. Courts of Appeal for the Second and Ninth Circuits.

Professional Activities and Recognition

Kate has served on the Board of Trustees of the Santa Clara County Bar Association and the Board of Directors of the Bar Association of San Francisco. She is active in diversity initiatives in the profession, including serving as Chair of the Santa Clara County Bar Association’s Diversity Committee and speaking on diversity issues before numerous organizations and groups including the Minority Corporate Counsel Association, the Project for Attorney Retention, and the Hastings Women’s Leadership Academy.

Kate writes and speaks regularly on IP issues to groups that include the Federal Judicial Center and Practicing Law Institute, and since 1999 has taught an advanced trademark law seminar at UC Berkeley School of Law.

Kate is actively involved in pro bono, both in direct client representation and with pro bono organizations. She has represented documentary filmmakers on IP issues, including David Weissman in connection with his films We Were Here, which was short-listed for an Academy Award, and The Cockettes. For many years she was on the capital defense team for a client on California’s death row, ultimately achieving a reversal of his death sentence, and has assisted clients in obtaining political asylum.  She currently serves as Vice Chair of the board of Equal Justice Works, and is a member of the board of directors of Bay Area Legal Aid. She also served on the Legal Service Corporation’s Pro Bono Task Force and was co-chair of the Subcommittee on Technology Best Practices in Pro Bono. She was recently recognized by OneJustice as a “Champion of Justice.”

Recent Recognitions

Kate has been honored by a number of prominent publications and organizations. Her most recent recognitions include:

  • The National Law Journal’s 75 Outstanding Women Lawyers (2015)
  • The Recorder’s list of Top 50 Women Leaders in Tech Law (multiple years) and, in 2015, was additionally designated as one of 10 “Power Players”
  • Diversity Council, Top 50 Women Lawyers List (2017)
  • “Northern California Super Lawyer” in the area of Intellectual Property Litigation
  • Best Lawyers, recognized for intellectual property litigation (2020)

AV Peer Review Rated as “Preeminent” by LexisNexis Martindale-Hubbell

Nick has worked in-house in Tech for more than five years and is a true strategic partner to the business. Through his work, he’s helped Twilio grow in both size and scale, as the cloud-based communications company has grown in people, places, market, and beyond. Nick also regularly partners with the Company’s Privacy Legal, DEI, and Compensation teams to ensure equity in the workplace and recently partnered across multiple functions to create Twilio’s new Open Work initiative. 

Prior to Twilio, Nick worked at Google where he led employee investigations and advised the business to ensure a fair and equitable experience for all employees.

Shiv is a Senior Counsel at Google, where he has been in-house counsel for approximately 10 years.  Over the last 10 years, he has been both Commercial Counsel and Product Counsel at Google, supporting numerous Google products, including Google’s buy-side and sell-side advertising products, YouTube, Google Assistant, and Google Search.  Prior to Google, Shiv was an intellectual property attorney specializing in intellectual property commercial matters at Skadden Arps Slate Meagher & Flom.  Shiv is also a Certified Information Privacy Professional (CIPP, U.S.). 

Shiv earned dual bachelor's degrees in both Cognitive Science with a Neuroscience emphasis and Political Science from Northwestern University.   Shiv earned both his law degree (J.D.) and a Masters in Bioethics from the University of Pennsylvania.

Elvis Chan is an Assistant Special Agent in Charge (ASAC) assigned to FBI San Francisco. ASAC Chan manages the field office’s Cyber Branch, which is responsible for cyber investigations, digital forensics, technical operations, and private sector engagement. With over 15 years in the Bureau, he is a decorated agent who is recognized within the Intelligence Community as an election cybersecurity and cyberterrorism expert. SSA Chan was the lead agent on significant cyber investigations and managed joint counterterrorism operations with domestic and foreign law enforcement agencies. Prior to joining the Bureau, SSA Chan was a process development engineer in the semiconductor industry for 12 years. He holds two U.S. patents, presents at many technical and law enforcement symposiums, and published multiple articles in journals. SSA Chan graduated from the University of Washington with degrees in chemical engineering and chemistry. 


Eric Goldman is Associate Dean for Research, Professor of Law, Co-Director of the High Tech Law Institute, and Supervisor of the Privacy Law Certificate, at Santa Clara University School of Law. His research and teaching focuses on Internet law, and he blogs on that topic at the Technology & Marketing Law Blog [].

Stacey Schesser is the Supervising Deputy Attorney General for the Privacy Unit in the Consumer Protection Section of the Office of the California Attorney General.  Her recent matters include People v. Glow, People v. Equifax, and leading the team that drafted regulations for the California Consumer Privacy Act (CCPA). She began her career at the Attorney General’s Office in 2007 in its Criminal Division and has worked in the Privacy Unit since its inception in 2012.  Stacey was recently recognized as one of the Recorder’s “Women Leader in Tech Law” and was the only public sector recipient of this award.  Stacey received her J.D. at UC Berkeley’s School of Law, where she wrote on privacy law issues for the California Law Review, and received her B.A. at Douglass College, Rutgers University.

Polina is a Privacy Lawyer that specialized in Product work. She has worked at Apple, Uber, and Airbnb. She specializes in global scalable approaches to privacy by design, privacy training, product privacy and general privacy risk mitigation.  She’s currently serving in a new policy role at Facebook specializing in building scalable solutions for responsible AI using existing and forthcoming frameworks.

Prior to her legal career, she worked as an investigator at the NYC Civilian Complaint Review Board, where she investigated allegations of police misconduct.

Maneesha Mithal is the Associate Director of the Federal Trade Commission’s Division of Privacy and Identity Protection, which focuses on consumer privacy, data security, and credit reporting issues.  In this capacity, she has managed significant initiatives, including reports on Big Data, the data broker industry, the Internet of Things, consumer privacy, facial recognition, and mobile privacy disclosures.  She has testified before Congress on data security, connected cars, facial recognition, and identity theft.  She has also supervised dozens of Commission enforcement actions, including against companies such as Wyndham, Google, Youtube, Equifax, Facebook, Twitter, HTC, Snapchat, Uber, and Lenovo.  She has held numerous positions at the Commission, including Chief of Staff of the Bureau of Consumer Protection, and Assistant Director of the International Division of Consumer Protection.  Prior to joining the Commission 1999, Ms. Mithal was an attorney at the Washington law firm of Covington & Burling.  Ms. Mithal earned her law degree from the Georgetown University Law Center and her undergraduate degree from Georgetown University.

Margaret Keane is a Partner in the employment group at the international firm of DLA Piper LLP.  She is based in San Francisco and works with clients to address the challenges of today’s workplace, including workplace privacy, employee mobility issues, mobile devices, wage and hour compliance, and related workplace issues.