Skip to main content

Privacy Shield Boot Camp 2016


Speaker(s): Brian L. Hengesbaugh, Caitlin Fennessy, Harry A. Valetk, Hugh Stevenson, James M. Byrne, Lara A. Ballard, Mary Ann Le Fort, Michelle Perez, Noga Rosenthal, Ryan Vinelli
Recorded on: Sep. 12, 2016
PLI Program #: 190947

Brian Hengesbaugh is Chair of the Firm's Global Data Privacy and Security Business Unit, a Member of the Firm's Global IP Tech Steering Committee, and a Member of the Firm's Financial Institutions' Group. Brian is listed in The Legal 500 Hall of Fame and was recognized as a Regulatory & Compliance Trailblazer by the National Law Journal. He is also listed as a Leading Lawyer for Cyber law (including data protection and privacy) in The Legal 500 and is listed in Chambers. Formerly Special Counsel to the General Counsel of the US Department of Commerce, Brian played a key role in the development and implementation of the US Government’s domestic and international policy in the area of privacy and electronic commerce. In particular, he served on the core team that negotiated the US-EU Safe Harbor Privacy Arrangement (Safe Harbor), and earned a Medal Award from the US Department of Commerce for this service. In addition, Brian participated on behalf of the United States in the development of a draft Council of Europe Treaty on Cyber Crime, and in the negotiation of a draft Hague Convention on Jurisdiction and the Recognition of Foreign Judgments. Brian has been quoted in the Wall Street Journal, New York Times, Forbes, CNET, Slate Magazine, Compliance Weekly, BNA Bloomberg, PCWorld and other news publications on global privacy and security issues.

Practice Focus

Brian provides advice on global data privacy, data protection, cybersecurity, digital media, direct marketing information management, and other legal and regulatory issues. He focuses on these issues in the context of: (i) advisory matters, such as new privacy and security laws and regulations, as well as technology transformations related to IoT, blockchain, mobile, cloud, data monetization, and other initiatives; (ii) transactional matters, such as mergers & acquisitions, sourcing, distributor, business partner, and other third party arrangements; and (iii) crisis matters, such as data security events, regulatory and governmental inquiries related to privacy and security issues, internal investigations, and litigation-related matters.

Brian's practice covers privacy and information management, with emphasis on regulatory and transactional issues, including data security and information technology, privacy and data protection, sourcing, digital and electronic signatures, email and telemarketing, social media, cyber crime, and jurisdiction and the enforcement of foreign judgments.

Professional Honors

  • Legal 500 Hall of Fame 
  • Leading Lawyer in Technology: Cyber law (including data protection and privacy), Legal 500 USA, 2009-2017
  • Regulatory & Compliance Trailblazer, National Law Journal, 2015
  • Recognized in Privacy and Data Security Law, Best Lawyers in America, 2016-2017

Professional Associations and Memberships

  • American Bar Association - International Law Section
  • International Association of Privacy Professionals (IAPP) - Former Advisory Board Member

Admissions

Illinois~United States (2004)

Indiana~United States (1995)

Education

University of Minnesota Law School (J.D. cum laude) (1995)

Central European University (Budapest) (Certificate) (1993)

Washington University (A.B. Economics) (1991)

Languages

English

German


Caitlin Fennessy is a senior policy advisor with the Data Flows and Privacy Team at the U.S. International Trade Administration (ITA). Since joining ITA in 2009, Caitlin has focused on privacy policy and transborder data flow issues as they impact trade.  Caitlin leads ITA’s work on European privacy issues and from 2014 through 2016 served as part of the Department of Commerce’s EU-U.S. Privacy Shield negotiating team.  Caitlin also leads ITA’s work to increase the interoperability of the APEC Cross Border Privacy Rules (CBPR) System and EU Binding Corporate Rules (BCRs) to assist industry in cross-regional compliance.  

Caitlin served as an adjunct professor of international privacy policy at the University of Maine School of Law in 2015 and 2016 and at the University of New Hampshire School of Law in 2014.  Prior to joining ITA, Caitlin worked in the National Security Division of the Office of Management and Budget and with the U.S. Senate Foreign Relations Committee.  Caitlin has a master’s degree in public affairs from Princeton University and a bachelor’s degree in social policy from Northwestern University.


Harry A. Valetk is Of Counsel in the International Commercial Practice Group in the New York office, advising global organizations on privacy and data security compliance requirements. He regularly supports companies in the insurance and financial services sector, retail, pharmaceutical/ healthcare, transportation/ logistics, hospitality, defense, social media, cloud technology, and manufacturing industries. His practice is focused on delivering commercially practical advice on designing security, privacy, and technologically compliant solutions. Harry's practice routinely covers issues that range from supporting M&A transactions that result in cross-border data transfers, to digital marketing, regulatory enforcement defense, and cyber security and data breach incident response. He also helps clients perform privacy risk assessments for EU-US Privacy Shield certifications, and works with highly-regulated entities on numerous data protection topics, including HIPAA, GLBA, FERPA, the Children’s Online Privacy Protection Act (COPPA).

Harry puts on an insider’s perspective when advising his clients having worked in-house as Director of MetLife’s Global Privacy Office in New York for almost seven years. In that role, he supported business lines in more than 60 countries to protect the personal data of over 90 million MetLife customers. Additionally, he led numerous strategic efforts to build out a global Privacy Risk Framework, achieve global compliance with applicable data privacy laws, deploy cross-border data transfer solutions, implement global training and awareness initiatives, and manage data and cyber security incidents. Before MetLife, Harry led the video game publishing industry’s privacy compliance efforts as the Director of Privacy Online for the Entertainment Software Rating Board and its COPPA Safe Harbor Seal Program. Finally, Harry served as a trial attorney for the U.S. Department of Justice, Civil Division.


Hugh Stevenson is the Deputy Director for International Consumer Protection in the Federal Trade Commission's Office of International Affairs. Mr. Stevenson leads the team that coordinates the FTC's international consumer protection and privacy policy work, and that deals with the international aspects of the FTC's consumer protection and privacy enforcement cooperation. He has served on the U.S. delegations for several international organizations, and currently heads the U.S. delegation to the OECD Committee on Consumer Policy. He has also served as a moderator for various FTC and OECD conferences focusing on international issues, including jurisdiction, judgment recognition, alternative dispute resolution, the interactive web, and spam. He coordinated FTC work on the 2006 U.S. SAFE WEB Act on international enforcement cooperation, and has led the negotiation of enforcement cooperation arrangements with agencies in Australia, Canada, Ireland, Mexico, Spain, and the United Kingdom.

Mr. Stevenson has also served in various other positions at the FTC. As the FTC's Associate Director for Planning & Information, he led the establishment of the FTC's Consumer Response Center; the FTC's identity theft program; and the Consumer Sentinel complaint system, now accessible to more than 1,000 U.S. and foreign enforcement partners. He has also litigated for the FTC, for state government, and in private practice. He is a magna cum laude graduate of the Harvard Law School, and also spent the 2005-06 academic year at Harvard as a Kramer Fellow. Currently he is an Adjunct Professor teaching comparative US-EU privacy law at the Georgetown University Law Center. He has made presentations to congressional committees, and to international organizations and other audiences on five continents.


Jim Byrne is a global security and aerospace industry executive currently serving as Lockheed Martin’s Chief Privacy Officer, Corporate Cybersecurity Attorney, and Office of Counterintelligence Counsel. Mr. Byrne also leads Lockheed’s corporate electronic discovery and enterprise records management teams, and leads special investigations. He previously managed a domestic and international ethics and business conduct program at Lockheed Martin and served on the board of wholly-owned subsidiary Pacific Architects and Engineers, Inc.

Prior to joining Lockheed Martin in August 2008, Mr. Byrne served as Deputy Special Counsel with the Office of the United States Special Counsel (OSC), a career Senior Executive Service (SES) position. Often attending the President’s Council on Integrity & Efficiency (PCIE) meetings, he routinely met with Executive Office of the President personnel on issues germane to OSC, an independent investigative and prosecutorial agency with oversight of the entire Federal executive branch. As OSC’s second-in-command, Mr. Byrne was responsible for $20M budget and daily operations and management of 120 attorneys, investigators, and specialists assigned to four offices, and he was called on to testify before the U.S. Senate and House of Representatives.

Prior to that assignment, Mr. Byrne served as both General Counsel and Assistant Inspector General for Investigations with the Office of the Special Inspector General for Iraq Reconstruction (SIGIR), an SES level position. In this capacity Mr. Byrne led teams of federal criminal law enforcement officers, both domestically and in Iraq and Kuwait, who were responsible for investigations relating to programs and operations funded by the Iraq relief and reconstruction effort. Mr. Byrne’s collaborative efforts with other federal law enforcement agencies led to dozens of successful criminal prosecutions and significant asset seizures.

Prior to his time at SIGIR and soon after the invasion of Iraq in 2003, Mr. Byrne was recalled to active duty with the U.S. Marine Corps in support of the Global War on Terrorism. Lieutenant Colonel Byrne was assigned as the Officer-in-charge of the Marine Liaison Office at the then National Naval Medical Center, Bethesda, Maryland.  He commanded teams of Marines in DC-Metro area military hospitals and Aberdeen Proving Grounds, Maryland, responsible for supporting the injured/deceased Marines/Sailors and their families.

Mr. Byrne has over 20 years of experience in the U.S. Military and U.S. Federal Government, including several years as an active duty forward deployed Marine Infantry Officer and a U.S. Department of Justice (DOJ) international narcotics prosecutor.  Mr. Byrne’s professional honors include several DOJ awards and The Drug Enforcement Administration (DEA) Administrator’s Award for Exceptional Service. He is also a recipient of several military decorations including the Meritorious Service Medal.

Mr. Byrne is a Distinguished Midshipman Graduate from the U.S. Naval Academy, where he ultimately held the top leadership position of Brigade Commander. He earned his Juris Doctorate from Stetson University College of Law, St. Petersburg, Florida, and is licensed to practice law in Florida, North Carolina, and the District of Columbia. Mr. Byrne and his wife Becky live in McLean, Virginia, and have six children and two grandchildren. Two of their sons and a son-in-law proudly serve in the U.S. Armed Forces.


Michelle Perez is Assistant General Counsel Privacy for the Interpublic Group of Companies (“IPG”), a global network of advertising and marketing communications agencies, where she is responsible for data privacy globally.  Her duties include the development, implementation and management of data privacy policies, initiatives, strategies and programs.

Prior to joining IPG, Ms. Perez was Senior Privacy Counsel for Philips Electronics North America Corporation, a multi-national health and well-being company.  In this role, she advised Philips’ businesses and functional organizations on data protection and privacy issues, managed data security incidents, and contributed to corporate efforts aimed at addressing emerging privacy and data protection requirements.

Ms. Perez is a Certified Information Privacy Professional, and a member of the 4As Privacy Committee.

Ms. Perez is a former Assistant United States Attorney for the Eastern District of New York.  She received her J.D. from Fordham School of Law and her B.A. from Georgetown University.


An experienced counselor to businesses and individuals, Mary Ann Le Fort is Vice President and Associate General Counsel at Priceline.com LLC in Norwalk, Connecticut.  Mary Ann is Priceline’s Compliance and Ethics officer, responsible for all facets of the program, including investigations, training, reporting, advising the business, and driving the values of the company’s Code of Conduct deep into the culture.  Mary Ann also advises the company on all matters involving privacy, including governance, incident response and GDPR readiness.  She also has served the company as litigation and labor and employment counsel.

Prior to her time at Priceline, Mary Ann was Counsel at Skadden Arps, in the Mass Torts and Insurance Litigation department.  Following law school, Mary Ann was a law clerk to the Hon. Denis R. Hurley in the United States Court for the Eastern District of New York.  She is a graduate of Brooklyn Law School, where she was a member of the Brooklyn Law Review, and of Vassar College.  She has served several not-for-profit organizations, is currently on the Board of Directors of Abundant Waters, Inc., which serves children in two public elementary schools on Manhattan’s West Side, providing free afterschool and summer enrichment programs.

linkedin.com/in/maryannlefort


As NCC Media’s Chief Privacy Officer and General Counsel, Noga Rosenthal is responsible for guiding the company's privacy and legal initiatives; she holds deep expertise in the development and implementation of comprehensive privacy programs. 

Noga previously served as Chief Privacy Officer at Epsilon where she led the company’s worldwide privacy, compliance and regulatory activities. Prior to Epsilon, she served as General Counsel and Vice President for Compliance and Policy for the Network Advertising Initiative (NAI), running its compliance program and ensuring that member companies delivered on the promise of self-regulation for interest-based advertising. Furthermore, she also led global legal affairs for WPP’s Xaxis, a pioneering programmatic digital media business, as SVP and General Counsel. 

Noga is a member of the Women Leading Privacy Advisory Board of the International Association of Privacy Professional (IAPP) and the IAB Federal Privacy Working Group. She has also served on the IAPP’s Education Advisory Board and was an active member of the UK Data Protection Network, providing guidance on the General Data Protection Regulation. Noga also sat on the Advisory Board of the Digital Advertising Alliance, the Data Standards Committee of the Data and Marketing Association, the Legal Affairs Council and the Public Policy Council of the Interactive Advertising Bureau. She also served as co-chair of the Privacy Committee of the Mobile Marketing Association.

Noga received her bachelor’s degree in English and Political Science from Rutgers and a J.D. from Fordham Law School.

 


Ryan Vinelli is a Vice President, Privacy and Technology counsel at Western Union. Western Union is a global leader in cross-border, cross-currency money movement. His work focuses on data protection, information security and ensuring a global-approach to securing data.

Prior to joining Western Union, Ryan was Global Cybersecurity Counsel for Verizon Media supporting brands including Yahoo, Aol, Tumblr, Huffington Post, Techcrunch and Engagdet. Ryan was also a Vice President handling global legal and privacy matters for Starwood Hotels & Resorts Worldwide, Inc. and after its acquisition at Marriott Hotels International. Ryan began his career in data protection as privacy counsel for General Electric.

Ryan is a graduate of the Benjamin N. Cardozo School of Law and holds undergraduate and graduate degrees in computer science from Tufts University. Ryan is licensed to practice law in multiple states and is a registered Patent attorney.


Lara is currently serving as the Special Advisor for Privacy and Technology in the Bureau of Democracy, Human Rights and Labor at the U.S. Department of State. She served as the head of the U.S. Delegation to the Working Party on Security and Privacy in the Digital Economy (SPDE) at the Organization for Economic Cooperation and Development (OECD) in Paris, during the OECD’s 2013 revisions to its 1980 Guidelines Governing the Protection of Privacy and Transborder Flows of Data. She also co-led the National Science and Technology Council’s Privacy Committee International Affairs Sub-Committee from 2011 to 2014, during the deliberations over the European Union’s proposed General Data Protection Regulation.  Lara served as an Attorney-Adviser at the State Department from 1999 to 2012. She is a Certified Information Privacy Professional (CIPP), a certification issued by the International Association of Privacy Professionals (IAPP). Lara has also served as the State Department lead attorney on privacy and technology law, including but not limited to the Privacy Act of 1974, the Federal Information Security Management Act of 2002 (FISMA), and the Health Information Portability and Accountability Act of 1996 (HIPAA). She has also defended the State Department in litigation, both domestically and in the Iran-U.S. Claims Tribunal, and has advised on various aspects of international criminal law and arms export control. Lara clerked for the Hon. Fred I. Parker, U.S. Court of Appeals for the Second Circuit. She is a graduate of Georgetown University’s School of Foreign Service and was an Air Defense Artillery officer in the U.S. Army from 1991 to 1995, serving in Kaiserslautern, Germany and Kuwait City, Kuwait.