Skip to main content

Twentieth Annual Institute on Privacy and Data Security Law


Speaker(s): Alexandra Ross, Christine E. Lyon, D. Esther Chavez, Darren Abernethy, Derek Care, Emily Yu, Flora J. Garcia, Francoise Gilbert, Harvey Jang, Hilary M. Wandall, Jah-Juin “Jared” Ho, James G. Snell, Jeanne M. Sheahan, Jody Westby, John F. Hyland, Jonathan Fox, Jonathan D. Avila, Katherine L. Kettler, Kathryn J. Fritz, Lara Kehoe Hoffman, Lisa R. Lifshitz, Lydia De La Torre, Marty Myers, Maureen Young, Merri A. Baldwin, Michelle Visser, Polina Zvyagina, Stacey D. Schesser, Stephen S. Wu, Steven Cooper, Thomas J. Smedinghoff
Recorded on: May. 6, 2019
PLI Program #: 251427

Martin H. (Marty) Myers is a partner in the firm's San Francisco office and a member of the Insurance Coverage and Arbitration practice groups, representing corporate policyholders in complex coverage disputes with their insurers.

A nationally recognized insurance recovery practitioner, Mr. Myers has helped clients recover billions of dollars in a wide array of industries, from agriculture to technology.

For more than twenty years, he has litigated, arbitrated and resolved complex coverage disputes throughout the world over a variety of losses and claims, including media liability, intellectual property, product recall, catastrophic property and business income loss, securities fraud and derivative litigation, management and professional liability, marine cargo, crime, alien tort/torture victim protection act, employment practices, mass tort and long tail asbestos and environmental claims.  Mr. Myers routinely advises clients on insurance program placement and complex risk transfer and indemnification issues; he is regarded as one of the world’s leading lawyers in transaction risk insurance products, including representation and warranty (warranty and indemnity) and tax loss insurance.

Representative Matters

  • Represented The Walt Disney Company in several insurance arbitrations in the US and Canada regarding coverage for major media liability/defamation, employment practices and class action matters.
  • Represented Adobe Systems, Inc. in successful litigation in Northern District of California to obtain defense fees/costs and indemnification under errors and omissions policies for massive exposure in font rights and misappropriation litigation brought by Agfa Monotype (originator of Times New Roman font).
  • Represented Sony Computer Entertainment America in obtaining substantial recovery through insurance litigation in Northern District of California and U.S. Court of Appeals for the Ninth Circuit for losses from consumer class actions for alleged damages associated with Sony PlayStation® game consoles.
  • Represented the GIC, the Government of Singapore real estate sovereign wealth fund in successful litigation and arbitrations recovering full first party and third party policy proceeds for loss of warehouse storage facilities by fire outside of Seoul, and follow on liabilities to third party property owners and others.
  • Represented the E. & J. Gallo Winery and glass bottle-making affiliate in successful insurance litigation for recovery of losses from first party and third party insurers for property damage and business income losses arising from catastrophic failure or glass furnace.
  • Represented IAC/InterActiveCorp in obtaining substantial recoveries under errors & omissions policies for defense and settlement of consumer class actions over TicketMaster “Entertainment Rewards” programs; also advised IAC on errors and omissions and general liability coverage for match.com consumer class actions.
  • Represented World Fuel Services in litigation in Southern District of New York obtaining complete recovery, plus interest under marine cargo policy for phishing theft of millions of tons of marine gas oil lost to pirates off the coast of Togo.

Accolades

  • Law360, Insurance MVP (2016)
  • Chambers USA, Insurance: Policyholder
  • The Best Lawyers in America, Insurance Law (2014-2018)
  • The Legal 500 US

Education

  • University of Michigan Law School, J.D., 1987
  • Miami University, B.A., 1984

Bar Admissions

  • California
  • Numerous admissions pro hac vice throughout the United States
  • Has appeared for clients in marine matters in Courts of Norway


Merri Baldwin is a shareholder at Rogers Joseph O’Donnell in San Francisco, where her practice focuses on attorney liability and commercial litigation. She handles claims of legal malpractice and breach of fiduciary duty, as well as motions to disqualify and for sanctions. She regularly counsels lawyers and law firms on legal ethics and law practice management issues. She represents attorneys in disciplinary matters before the State Bar of California, and has extensive experience handling attorney-client fee disputes. Ms. Baldwin is a past chair of the State Bar of California Committee on Professional Responsibility and Conduct. She is a co-chair of the Legal Malpractice subcommittee for the American Bar Association Litigation Section Committee on Professional Services Litigation. Ms. Baldwin served as the President of the Bar Association of San Francisco for 2017. Ms. Baldwin frequently lectures to attorneys and professional organizations on issues related to litigation, legal malpractice and ethics issues, and she is a lecturer at the University of California at Berkeley School of Law, where she teaches professional responsibility. Ms. Baldwin co-edited The Law of Lawyers’ Liability (ABA/First Chair Press 2012) and has served as a consulting editor for the Attorney Fee Agreement Forms Manual, published by Continuing Education of the Bar, California. Prior to law school, Ms. Baldwin was a Fulbright Scholar at the London School of Economics.

Education

J.D., University of California at Berkeley,
School of Law (Boalt Hall)

B.A., Smith College
Magna Cum Laude with high honors


Alexandra Ross is Director, Global Privacy and Data Security Counsel at Autodesk, Inc., a leader in 3D design, engineering and entertainment software. Previously she was Senior Counsel at Paragon Legal and Associate General Counsel for Wal-Mart Stores. She is a certified information privacy professional (CIPP/US, CIPP/E, CIPM, CIPT and FIP) and practices in San Francisco, California. She holds a law degree from Hastings College of Law and a B.S. in theater from Northwestern University. Alexandra is a recipient of the 2019 Bay Area Corporate Counsel Award – Privacy.

Alexandra launched The Privacy Guru blog in January of 2014 and has published an ebook Privacy for Humans (available on Amazon and iTunes).


Christine Lyon advises organizations on cutting-edge issues related to the collection, use, sharing, and safeguarding of data, including personal information of customers and employees. She serves as a trusted advisor, working with clients to develop global strategies to comply with U.S. and international privacy and data protection laws.

Christine’s practice spans a variety of industry sectors, from information technology services to consumer products, and covers clients ranging from start-ups to large multinationals. She advises technology companies on building privacy protections into their offerings, including connected products and services (Internet of Things), cloud-based and mobile services, and social media initiatives, as well as on managing the related “Big Data” implications. She also assists clients in evaluating and managing privacy risks, including in strategic transactions such as IT outsourcing, and mergers and acquisitions.

Legal 500 US recognized Ms. Lyon as a “rising star” in the area of privacy and data protection and recommended her for cyber law, and she received The Burton Award for Distinguished Legal Writing. She frequently writes and speaks on the topics of global data protection laws, workplace privacy issues, and data security laws. She is a co-editor of Global Employee Privacy and Data Security Law (BNA Books) and a member of the editorial board of the World Data Protection Report.


D. ESTHER CHAVEZ currently serves as Senior Assistant Attorney General in the Consumer Protection Division of the Office of Texas Attorney General Ken Paxton where her work encompasses a broad range of consumer protection concerns with a focus on civil enforcement cases relating to privacy and data security.

 Ms. Chavez’ current professional activities include service as Chair of the Texas State Bar’s Consumer & Commercial Law Council and as Course Director of the State Bar’s 2018 Advanced Consumer & Commercial Law Conference. 

Ms. Chavez is a frequent speaker at national and state continuing legal education seminars on a variety of privacy and consumer protection topics and most recently has been a presenter at the 22nd Annual Health Care Compliance Institute and the National Association of Attorneys’ General Consumer Protection Spring and Fall 2018 Seminars.

Ms. Chavez obtained her undergraduate and legal education at the University of Texas at Austin and the University of Texas School of Law.


Darren Abernethy is Senior Counsel at the San Francisco headquarters of TrustArc Inc.  Assisting customers for more than two decades, TrustArc is the global leader in privacy compliance technology solutions, privacy consulting and TRUSTe certification solutions, addressing all phases of companies’ privacy program management and data governance.

At TrustArc, Darren provides product and legal advice for the company’s portfolio of consent, advertising, marketing and consumer-facing technology solutions.  He also helps manage the company’s own privacy and data governance program; negotiates transactional and contractual matters; and interfaces with regulators, policy officials and TrustArc’s industry partners and peers.  Darren’s areas of particular attention include EMEA data protection law, global digital advertising, the California Consumer Privacy Act, geolocation, cross-border data transfers and marketing regulations.

Prior to joining TrustArc, Darren practiced telecommunications law in private practice in Washington, D.C.  In this capacity, he advised cable and broadband providers, cellular carriers, and members of the wireless spectrum ecosystem on FCC telecommunications matters and data privacy.  After “going west” from Washington to San Francisco, Darren helped lead a marketing and management services agency focused on “smart,” connected culinary devices prior to acquisition by its largest client.

A holder of the American Bar Association-IAPP Privacy Law Specialist designation and seven International Association of Privacy Professionals certifications, Darren is admitted to practice law in New York, Washington, D.C., and California.  

When not privacy’ing, Darren attempts to play soccer for a recreational league team, enjoys hiking the S.F. Bay Area with family and friends, and welcomes a hearty pub quiz with colleagues.  He also enjoys amateur astronomy and chipping away with his wife at their plan to visit and emboss their official U.S. National Park Passport with each of the 60 National Parks’ stamps.


Derek Care is Director II, Privacy – Legal at Uber, a global transportation technology company headquartered in San Francisco, California. In this role, Derek is responsible for advising teams throughout Uber regarding global privacy requirements and best practices, including relating to the EU’s General Data Protection Regulation and other global privacy laws. Derek is also responsible for implementing privacy policies, procedures and trainings; leading cross-company compliance efforts; and helping to embed privacy-by-design into Uber’s operations. Prior to joining Uber, Derek was Privacy Counsel at Bloomberg LP, and before that, Counsel at Bingham McCutchen LLP.


Emily Yu is Lead Privacy Counsel at Seagate Technology, where she advises and assists the company with compliance on existing and emerging data protection regulatory requirements. Prior to joining Seagate, Emily worked at TrustArc as a Global Privacy Manager and assisted several Fortune 100 companies with privacy program management and compliance with a number of international standards and frameworks, including EU-US Privacy Shield, APEC CBPRs and GDPR validations. She is also one of the first graduates of SCU Law’s Privacy Certificate program.


Flora J. Garcia discovered privacy law one snowy night in law school when she read the case of Bodil Lindqvist, a Swedish woman who was the first person charged with violating the EU Privacy Directive.  Flora is McAfee’s Global Chief Privacy Officer and Security Attorney, after stints on other in-house teams and in information security and in compliance at MUFG Union Bank and magazine publisher Time Inc.  She spearheaded McAfee’s GDPR preparedness program. 

Flora is a graduate of the evening program at Fordham Law School, the University of North Carolina at Chapel Hill’s Journalism School, and Duke University, where she majored in computer science and economics.  Flora is an IAPP Fellow of Information Privacy and holds the CIPP/US, CIPP/IT, and CISSP certifications.  


Francoise Gilbert focuses her practice on U.S. and global data privacy and cybersecurity in a wide variety of markets, including, among others, compliance with the European Union General Data Protection Regulation (GDPR) and other EU data protection laws, big data, cybersecurity, connected devices, intelligent vehicles, artificial intelligence, robots and other emerging technologies.

She counsels clients on complex issues related to evaluating and strategically managing privacy, security, and e-business risks. She assists in the design of product and services to help meet the company’s objectives within the constraints of compliance requirements; the development of compliance programs to meet data protection laws in a variety of markets, including the EU, Asia/Pacific, Middle East / Africa, and the Americas. She also advises clients in the development of internal programs to help drive a culture of privacy across entire organizations; product development strategies aimed at meeting the privacy-by-design and security-by-design principles; and addressing privacy and security in mergers and acquisitions, and other corporate and commercial transactions.

A sought-after speaker, Francoise Gilbert has been featured on numerous panels throughout the United States and internationally on privacy, security, the EU General Data Protection Regulation (GDPR), global privacy programs, cloud computing, connected objects, smart cities, robot law, risk management, outsourcing, information technology, and e-business law by industry groups, bar associations and trade associations.

In addition, Ms. Gilbert is the author of the leading two-volume treatise "Global Privacy and Security Law" which covers in depth the privacy and data protection laws of 68 countries on all continents. She has written numerous chapters in collective works and has published hundreds of articles in peer-reviewed publications, professional journals and magazines on privacy, security, emerging technologies, compliance, cybercrime, outsourcing, workplace privacy, information law, data governance, Internet law, eCommerce, children protection, and comparative law.

Concentrations

  • Information privacy and security, US and international
  • Artificial intelligence
  • Big data, data analytics
  • Interest-based advertising
  • Internet of Things, connected objects, intelligent vehicles, smart cities
  • Complex technology licensing; cloud computing; outsourcing
  • Blockchain


Harvey Jang is Senior Director, Global Data Protection & Privacy Counsel and APJC Data Protection & Privacy Officer for Cisco.  He serves as the team lead for privacy and data security related legal matters and is responsible for developing and orchestrating Cisco’s global data protection policies, compliance capabilities, certifications, and accountability frameworks.  Harvey also has primary responsibility for privacy strategy in Asia Pacific, Japan, and China (APJC) region for Cisco.

Prior to joining Cisco, Harvey was Senior Director, Legal Affairs for McAfee. Part of Intel Security where he was lead counsel for privacy, security, marketing, and antitrust compliance.  In this role, he worked closely with engineers and product teams to develop and implement data protection policies and practices, design privacy enhancing products and functionality, and manage legal compliance.  Before McAfee, Harvey was the Director of Privacy & Information Management and Chief Privacy & Security Counsel for HP; Senior Compliance Counsel for Symantec; and Litigation Counsel with O’Melveny & Myers LLP.

He is a member of the Board of Trustees for Bowman School in Palo Alto, serves as an instructor for the International Association of Privacy Professional’s privacy credentials (CIPP/US, CIPP/Europe, and CIP/Technologist), and is a frequent panelists/speaker on a variety of topics related to privacy, security, and information governance.

Harvey earned his B.A., magna cum laude, from UCLA and his J.D., cum laude, from U.C. Hastings College of the Law.  He is also a Fellow of Information Privacy (by IAPP), Certified Information Security Manager (by ISACA), and Certified Information Professional (by AIIM).


Jeanne Sheahan is a passionate privacy attorney with expertise in leading privacy compliance programs at public domestic and international organizations. She is the Head of Privacy Compliance at First Republic Bank. Before that, she was the first global privacy lead for Eventbrite, the world's largest event technology platform, and she was the lead privacy attorney at Groupon, an e-commerce marketplace, responsible for leading the design and implementation of Groupon's worldwide privacy compliance program, including for GDPR. She is a Fellow of Information Privacy (FIP, CIPP/US, CIPM) with the International Association of Privacy Professionals.

Jeanne also worked for 8 years as outside counsel, including at Davis Wright Tremaine counseling on privacy and security best practices. She is also a seasoned litigator. While at DWT and for 4 years at Bingham McCutchen, she represented clients from start-ups to Fortune 500 companies in bet-the-company litigation and government investigations.


John F. Hyland has primarily focused his practice to employment law since his admission to the Bar in 1995.  Prior to forming Rukin Hyland LLP, John held an Of Counsel position with Paul Hastings, LLP in the firm's San Francisco office where he advised and represented companies in State and Federal court actions covering all areas of employment law, including wrongful termination, discrimination, harassment, disability law, employee privacy, employee leaves, and wage and hour issues.  John has represented clients in jury trials and arbitrations, and has argued cases before the California Court of Appeal.  He continues to advise and represent clients in all areas of employment law and in commercial and business disputes. 

John serves as an editor and contributing author for the CEB Publication, Employee Leave Laws: Compliance and Litigation (2016).  John also serves as a contributing author to the Thompson Reuters Inside the Minds publications.   John regularly conducts training seminars and presents on a wide array of employment law issues.  He serves as an instructor for the Sonoma State University Human Resources Certification Program.

Law & Politics Magazine selected John as one of its Northern California Super Lawyers each year from 2006 through 2012, and again in 2014-17.  San Francisco's Best Lawyers named John in its 2012 edition, and The Best Lawyers in America selected John for inclusion in each edition since 2012.

In addition to his litigation and counseling practice, John devotes a significant part of his practice to serving as a mediator.  John obtained certification as an employment law mediator from Cornell University’s School of Industrial Relations.  He served as a mediator for the Sonoma County Superior Court ADR Program in which he mediated a wide array of civil cases, and he continues to serve as a panelist for the Court’s settlement conference program.  John is also a member of the Early Neutral Evaluation Program for the United States District Court for the Northern District of California for which he serves as an evaluator.

John received his B.S. degree from Saint Joseph's University in Philadelphia, Pennsylvania.  He earned his J.D. degree from Golden Gate University School of Law in San Francisco, where graduated in 1995 with highest honors and first in his class.  While at Golden Gate, John served as a contributing author and associate editor for the Golden Gate Law Review.


Jonathan Avila joined Walmart Stores, Inc. as Vice President, Chief Privacy Officer in October 2012.  Mr. Avila is responsible for the worldwide data privacy and records management program for Walmart’s operations involving 11,000 retail locations with more than two million employees in 27 countries, as well as Walmart’s e-commerce websites in ten countries.  Mr. Avila previously served as Vice President -- Counsel, Chief Privacy Officer of The Walt Disney Company.  Mr. Avila initiated the data privacy program at Disney in 2001 and led the development of Disney's enterprise privacy compliance program covering all of Disney's online and offline business activities in the nearly 50 countries in which Disney operates.

Mr. Avila has been active in the international data privacy community, having served for five years on the board of directors of the International Association of Privacy Professionals, including serving as President of the IAPP in 2009.  Mr. Avila has spoken at numerous conferences on data privacy issues, including conferences of the international data privacy commissioners sponsored by the governments of Spain and Mexico.  Mr. Avila is a co-author of Privacy Compliance and Litigation in California (CEB 2014).  Mr. Avila served on the advisory committee to the California Office of Privacy Protection on the development of its guidance on California's "Shine the Light" law relating to business' information sharing practices.  Mr. Avila also has taught on the subject of privacy law as an Adjunct Professor of the School of Law of the University of Arkansas.

Mr. Avila began his career as a law clerk to Judge W. Eugene Davis of the United States Court of Appeals for the Fifth Circuit.  Mr. Avila later was an associate with Latham & Watkins, and Litigation Counsel with the CBS television network.  Before joining Disney, Mr. Avila served as General Counsel Chief Privacy Officer of MValue.com, Inc., a venture capital funded Internet company.

Mr. Avila graduated with a B.A. from Yale University and a J.D. from Harvard Law School.  Mr. Avila also holds a diploma from the University of Salamanca (Spain) and holds the Certified Information Privacy Professional credential issued by the IAPP.


Jonathan Fox, Director of Privacy Engineering and Strategy and Planning, is a member of Cisco’s Chief Privacy Office and co-author of THE PRIVACY ENGINEER’S MANIFESTO, Getting from Policy to Code to QA to Value (ApressOpen 2014).

With over 17 years of privacy experience, Jonathan’s principal areas of focus have been product development, government relations, mergers and acquisitions, and training. He is a Certified Information Privacy Professional (CIPP/US), a Certified Information Privacy Manager (CIPM), and was a Certified Information Security Manager (CISM).

Prior to Cisco, Jonathan was a Senior Privacy Engineer at Intel.  His previous roles have included Director of Data Privacy, McAfee; Director of Privacy, eBay; Deputy Chief Privacy Officer for Sun Microsystems, and Editor-in-Chief of sun.com.        

Jonathan frequently speaks at industry events and is a member of the IEEE P7002 Personal Data Privacy Working Group, the IAPP Privacy Engineering Section Forum Advisory Board, and the ISO/PC 317 Consumer Protection: Privacy by Design for Consumer Goods and Services US Technical Advisory Group.


Katherine L. Kettler is the Director of US Legal Investigations/Employment Law.  She leads a team of investigators who review internal claims of harassment, discrimination and retaliation.  Katherine has been an employment law attorney for almost 20 years with a focus on employment litigation and counseling in all aspects of labor and employment law, including ADA and leave of absence compliance, discrimination avoidance, sexual harassment and diversity/inclusion programs.

Education

J.D. summa cum laude  – Boston College Law School; Newton, MA
M.S.W. – University of Pennsylvania; Philadelphia, PA
B.A. -- Bar College; Annandale-on-Hudson, NY

Prior Law Firm Affiliations

Miller Law Group
Paul Hastings Janofsky & Walker
Ropes & Gray

Professional Recognition

Named a “Rising Star” by Super Lawyers – Northern California magazine in 2010 and 2011

Clerkship

Federal Court, District of Massachusetts

Bar Admissions

California


Kathryn J. Fritz is a partner in the Litigation, Intellectual Property and Privacy Groups of Fenwick & West, a law firm focusing on technology and life sciences matters. Ms. Fritz is resident in the firm’s San Francisco office. She served as the firm’s Managing Partner from 2006 through 2017.

Ms. Fritz’s practice concentrates on business and intellectual property litigation, with an emphasis on trademark, right of publicity and copyright, especially as applied to new technology areas. She has represented and advised software publishers, computer hardware manufacturers, gaming and digital media companies, entertainment companies, traditional media publishers and consumer products companies on commercial and intellectual property issues.

PROFESSIONAL ACTIVITES AND RECOGNITION

Ms. Fritz writes and speaks regularly on intellectual property issues to groups that include the Federal Judicial Center and Practicing Law Institute, and since 1999 has taught an advanced trademark law seminar at UC Berkeley School of Law.

She was named to The National Law Journal’s 75 Outstanding Women Lawyers in 2015; has been named to The Recorder’s list of Top 50 Women Leaders in Tech Law and, in 2015, was additionally designated as one of 10 “Power Players.”

Ms. Fritz has been a member of the Board of Trustees of the Santa Clara County Bar Association and the Board of Directors of the Bar Association of San Francisco, and she is active in diversity initiatives in the profession.

PRO BONO INVOLEMENT

Ms. Fritz has been actively involved in pro bono, representing documentary filmmakers in intellectual property matters, a client on California’s death row in this federal habeas corpus petition, ultimately achieving a reversal of his death sentence, and clients in political asylum petitions.

Ms. Fritz is also active in the greater pro bono community. She is currently a member of the Board of Directors of Equal Justice Works and the Board of Directors of Bay Area Legal Aid, and a member of the Pro Bono Institute’s Law Firm Advisory Board. She previously served the Legal Service Corporation’s Pro Bono Task Force and was co-chair of its Subcommittee on Technology Best Practices. She was recently honored by OneJustice for her pro bono leadership.

EDUCATION AND ADMISSIONS

Ms. Fritz received her B.A., magna cum laude, from the University of California at Santa Barbara, where she was a member of Phi Beta Kappa and a University of California Regents’ Scholar. She received her J.D., cum laude, from Georgetown University Law Center, where she was Research Editor of the American Criminal Law Review. She is a member of the State Bars of New York and California, and numerous federal courts.


Lara Kehoe Hoffman (CIPP/US, CIPP/E) is Chief Privacy Officer at Netflix, the world’s leading internet entertainment service. Lara joined Netflix in January 2015, bringing with her a passion for building and improving data protection programs, and promoting a pro-privacy culture. Lara has domain expertise in GDPR, information management, education and kids privacy, among other areas. In her legal career Lara has represented a diverse array of clients from start-ups to multinationals in businesses ranging from technology to retail to children’s toys.

Lara attended the University of San Diego, School of Law and has a degree in Comparative Literature from Yale. 


Lisa Lifshitz is a partner in Torkin Manes’ Business Law Group, specializing in the areas of information technology and business law and is the leader of the firm’s Technology, Privacy & Data Management Group and Emerging Technology Group.

Lisa has particular expertise in preparing and negotiating technology agreements, including Internet-related, m-commerce and e-commerce agreements, cloud computing agreements, mobile payment agreements and outsourcing, system acquisition and master services agreements. She provides technology-related advice on financings and acquisitions, including export control/open source advice on cross-border deals. She also provides guidance on IoT, AI/smart contracts, blockchain and open source legal matters. Lisa has considerable experience helping non-Canadian companies, especially American entities, create appropriate legal agreements for their entry into the Canadian marketplace.

Lisa also practises in the area of privacy, cybersecurity and information management, advising both Canadian and international clients on compliance with Canadian privacy requirements. She routinely advises clients on trans-border data transfers, data breach management and anti-spam compliance. She also advises on the oversight obligations of boards of directors regarding cybersecurity issues and on cybersecurity risk mitigation strategies more generally.

Lisa is a prolific writer on technology, privacy and cybersecurity law issues, including as the author of the monthly “IT Girl” column for Canadian Lawyer magazine online. She has contributed to such publications as the American Bar Association (ABA)’s Business Law Today, Internet and E-Commerce Law in Canada and e-Commerce Law Report and has spoken for the ABA, Lexpert, the Canadian Technology Law Association, the Ontario Bar Association and the International Technology Law Association.

Lisa has been highly recognized by for her technology and privacy law expertise both nationally and internationally. She was awarded the 2018 Lexpert Zenith Award for Mid-Career Excellence in Computer and IT Law. She has been recognized since 2015 by The Best Lawyers in Canada for Privacy and Data Security Law, Technology Law; has been ranked in Chambers Canada and Chambers Global for Information Technology; and as a recommended lawyer in Computer & IT Law in The Canadian Legal Lexpert® Directory since 2005.  She holds leadership positions in the ABA’s Business Law and Science and Technology Sections.


Lydia de la Torre joined Santa Clara in 2017 as the inaugural privacy fellow. She is the co-director of the Privacy Certificate program and teaches comparative data privacy. Her research centers on State data governance laws.

Lydia started working in data protection in 1997. She has extensive professional experience working on complex EU, US, and international data protection issues in the private sector. She started her career working as an Associate at Garrigues, a Spanish legal firm that provides business law advice in thirteen countries across Europe, Africa, Asia and the Americas. Professor de la Torre has worked as privacy counsel and consultant for fortune five hundred companies such as eBay, PayPal, Intuit and HP. Professor de la Torre’s current areas of interest include EU data protection laws and data protection at the local and State level in California.

Lydia founded the legal blog ‘Golden Data’ (https://medium.com/golden-data) in 2018 with the goal of promoting the teaching of comparative privacy law. The blog includes teaching resources, case law analysis and op-eds on topics related to data governance laws including GDPR and CCPA.           

Education

J.D., Univesidad Complutense Madrid (Spain)

L.L.M. EU Tax Law, Centro de Estudios Garrigues (Spain)

L.L.M. Intellectual Property, Santa Clara University School of Law

Areas of Specialization

Data Protection, Privacy, Cybersecurity

Affiliations and Honors

Member California Bar Association

Member Madrid Bar Association (Spain)

Member IAPP (CIPP/US Certified)

Member Internet Ethics Advisory Group – Markkula Center for Applied Ethics

Outstanding Faculty Award (2006 for teaching Legal Translation and Interpretation at the National Hispanic University)

2012/2013 LL.M. Student of the Year Santa Clara University School of Law

SAMPLE PUBLICATIONS

For IAPP:

“Is California on its way to going for ‘adequacy’?“ https://iapp.org/news/a/is-california-on-its-way-to-going-for-adequacy/

DPR matchup: The California Consumer Privacy Act 2018” https://iapp.org/news/a/gdpr-matchup-california-consumer-privacy-act/

“Do we need the CCPA whistle-blower provision back?” https://iapp.org/news/a/do-we-need-the-cacpa-whistleblower-provision-back/

SSRN

A guide to the California Consumer Privacy Act of 2108 https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3275571

See also: https://medium.com/@dltsays_


Maureen A. Young is Senior Regulatory Counsel and Senior Vice President at Bank of the West, a member of the BNP Paribas Group.  She advises on a wide range of financial services regulatory, data privacy and security, compliance, examination, enforcement and corporate governance matters, as well as regulatory strategy and policy issues.  She supports major business initiatives involving the Bank and its U.S. and global BNP Paribas affiliates, including innovation and fintech projects.  She is a Certified Information Privacy Professional (CIPP/US), International Association of Privacy Professionals (IAPP).

Prior to joining Bank of the West in 2016, Maureen was Managing Director and Associate General Counsel at MUFG Union Bank, serving as a lead lawyer on key regulatory and implementation projects and as lead privacy counsel to the Privacy and Information Security team. The strategic projects she supported included strategy for and formation of a U.S. intermediate holding company as required by the Federal Reserve’s Enhanced Prudential Standards regulations. She also served as legal centerpost on a major business integration consolidating the U.S. workforce under one legal entity and integrating business line management and operations across MUFG’s legal entities in the Americas.

Maureen was previously a partner at a large international law firm, where she was a member of the Financial Institutions Corporate and Regulatory Group, Commercial Technology Group, and was Co-Chair and Co-Founder of the firm’s Privacy and Security Group. Before joining the firm in 2003, Maureen was Assistant General Counsel in Bank of America’s Legal Department, Regulatory and Corporate Services Group.

Maureen is well-established in the California and national banking and financial services industry.  She is the immediate past Chair of the American Bar Association Banking Law Committee. She is a member of the Board of Directors of the Financial Women of San Francisco, currently serving as Co-Chair of the Programs Committee.  She is former chair of the California Lawyers Association (State Bar) Financial Institutions Committee and the San Francisco Bank Attorneys Association.  She organizes presentations and speaks regularly to financial and professional organizations.

She received her J.D. from University of California at Berkeley, School of Law, her Ph.D. and M.A. in Jurisprudence and Social Policy from University of California at Berkeley, and her A.B. (magna cum laude, Phi Beta Kappa) from Georgetown University.


Michelle Visser has extensive experience in defending companies that face the regulatory investigations, class action litigation, and payment card brand claims that frequently follow the announcement of cybersecurity incidents. In addition to litigating privacy and cybersecurity matters, Michelle has navigated numerous companies through their cybersecurity response, including by overseeing technical forensic investigations, advising on notification obligations and coordinating communication strategies.

When faced with an incident, companies call Michelle for crisis response with an eye toward potential litigation. Clients also look to Michelle for privacy and cybersecurity advice before a crisis is at hand. Michelle regularly takes the lessons learned from litigating privacy and cybersecurity matters to provide clients with proactive advice on how to structure their privacy and cybersecurity programs and incident response plans in ways designed to reduce legal exposure.

For her role in representing companies that have faced some of the most high-profile cybersecurity incidents and litigation to date, Michelle was named one of the “40 Under 40” in 2018 by the Global Data Review and a “Rising Star” by Law360 in 2015. She was also recognized as one of the “Women Leaders in Technology Law” by The San Francisco Recorder in 2015.

Michelle is also regularly turned to for defense against other types of class actions and complex litigation with experience in defending companies against securities, antitrust, and other commercial claims.


Stephen S. Wu is a shareholder with Silicon Valley Law Group in San Jose, California.  He advises clients on transactions, compliance, liability, security, and privacy matters regarding the latest technologies in areas such as robotics, artificial intelligence, automated transportation, the Internet of Things, and Big Data.  He helps clients with domestic and international privacy and security matters in negotiating agreements, incident response, breach notification, litigation, and managing privacy and security programs, certifications, and audits.  He counsels clients concerning cyber-risk insurance policies and coverage and risk management strategies.  In addition, he advises clients on secure electronic commerce using digital signatures, other secure electronic signatures, electronic credentials such as digital certificates, encryption, and public key infrastructure.

From 1997 to 2001, Mr. Wu was VeriSign, Inc.’s second in-house attorney, where he managed the development and deployment of worldwide policies and procedures for VeriSign’s digital certification Internet security services.  Before his work at VeriSign, he practiced with two international law firms in the areas of intellectual property and general litigation, as well as technology transactions.

Mr. Wu served as Chair of the American Bar Association Section of Science and Technology Law from 2010 to 2011.  From 2001 to 2004, Mr. Wu was Co-Chair of the Section’s Information Security Committee.  He helped found the Section’s Artificial Intelligence and Robotics, Internet of Things, Big Data, and Homeland Security Committees.

Mr. Wu has written or co-written seven books on information security law, including his most recent publications: A Guide to HIPAA Security and the Law Second Edition (2016) and A Legal Guide to Enterprise Mobile Device Management:  Managing Bring Your Own Device (BYOD) and Employer-Issued Device Programs (2013).  He has written numerous book chapters and articles on data protection, artificial intelligence, and robotics topics.  He is a frequent speaker at industry conferences and continuing legal education programs on information security, EU’s General Data Protection Regulation, artificial intelligence, robotics, autonomous driving, and other cutting edge technologies.

Mr. Wu received a Bachelor of Arts degree from the University of Pittsburgh in 1985, and graduated from Harvard Law School in 1988 with a Juris Doctor degree..


Steven M. Cooper is an Associate General Counsel, Employment Law, at Western Digital Corporation, where he has been since June 2014.  He provides advice and counseling in all areas of employment law, including workplace investigations, wrongful termination litigation, performance management, compliance with anti-discrimination and leave laws, reasonable accommodations, mergers and acquisitions, and reductions in force.  He has also trained managers and other employees on sexual harassment and other discrimination laws, managing within the law, and performance management.

Steven is also a member of the Western Digital Privacy team, focusing on the privacy rights of employees.  In this role, he has been responsible for updating various policies, drafting privacy notices for employees, reviewing vendor agreements, providing advice on employee monitoring, and overseeing the records of processing activities program. 

Before joining Western Digital, Steven served in both Legal and HR with Tesla Inc. and at DaVita Inc.  Steven started his law practice at O’Melveny and Myers LLP in its Los Angeles office. 

Steven earned his J.D., magna cum laude, from Hastings College of the Law, and his B.A., cum laude, from U.C. San Diego.


Thomas J. Smedinghoff is Of Counsel in the Privacy & Cybersecurity practice group in the Chicago office of Locke Lord LLP.  His practice focuses on the developing field of information law and electronic business activities, and he has been actively involved in developing e-business, e-signature, identity management, and data security legal policy both in the U.S. and globally. 

He currently serves as a member of the ABA’s Cybersecurity Legal Task Force, and is Chair of the Identity Management Legal Task Force and Co-Chair of the Cybersecurity Subcommittee in the Business Law Section’s Cyberspace Committee. He is also an advisor to the U.S. Delegation to the United Nations Commission on International Trade Law (UNCITRAL), and in that capacity he helped to negotiate the international e-commerce treaty known as the United Nations Convention on the Use of Electronic Communications in International Contract. He is currently working with UNCITRAL to address international electronic identity management issues. He also serves as an Advisor to the Uniform Law Commission Study Committee on Identity Management in Electronic Commerce.       

Tom is co-editor and contributing author of the Guide to Cybersecurity Due Diligence in M&A Transactions (ABA, 2017), and a contributing author to the 1st and 2nd editions of The ABA Cybersecurity Handbook - A Resource for Attorneys, Law Firms & Business Professionals (ABA, 2013 and 2018).  He is also the author of the book titled Information Security Law: The Emerging Standard for Corporate Compliance, (2008), and editor and primary author of the e-commerce book titled Online Law: The Legal Guide to Doing Business on the Internet (1996). He can be reached at Tom.Smedinghoff@lockelord.com


Hilary Wandall is General Counsel, Corporate Secretary and Chief Data Governance Officer of TrustArc Inc.  She oversees all legal, regulatory and policy and strategic partnership matters and manages the legal, policy and data governance, regulatory affairs and business development teams.  She also serves as President of the certification subsidiary, TRUSTe LLC.  Hilary joined TrustArc in 2016 after 22 years at the global pharmaceutical company, Merck, where she most recently was AVP, Compliance and Chief Privacy Officer.  Hilary led the global privacy program at Merck since 2004 and the global compliance program for the Merck Animal Health business since 2013.  During her tenure at Merck, Hilary also held positions as corporate attorney, marketing promotion manager and biomedical research scientist.

Hilary is actively engaged in efforts to support the development of the privacy profession, to drive interoperability across privacy and data protection regimes around the world, and to scale and integrate privacy and data governance through technology.  She recently has co-authored multiple articles on cross-jurisdictional privacy interoperability.  She has been involved in various organizations across the privacy and legal communities, including the Executive Committee of the IAPP Board of Directors and 2016 IAPP Board Chairman, Chair of the Board of the International Pharmaceutical Privacy Consortium, member of the OECD Privacy Experts Working Group, Executive Committee of the Board of Trustees of the International Accountability Foundation, Advisory Board of the Future of Privacy Forum, Steering Committee of the Centre for Information Policy Leadership, and the Advisory Board of the Temple Law Center for Compliance and Ethics.

Hilary received her law degree and MBA from Temple University, Master of Bioethics from the University of Pennsylvania, and Bachelor of Science in Biology from Moravian College. She holds the CIPP/US, CIPP/EU and CIPM certifications.  She is also a Fellow of Information Privacy.  She is admitted to practice law in New Jersey and Pennsylvania.  She resides with her family in Pennsylvania.


Jim Snell is a partner in the Privacy & Security Group at Perkins Coie.  He represents clients in a broad range of complex commercial matters, including Internet and privacy issues, security issues, IP, false advertising, and class actions.  Jim’s experience includes, among other things, IoT, unmanned vehicles, wiretap and surveillance matters, AI and machine learning, the Communications Decency Act, biometrics, web scraping, data breach, and the Telephone Consumer Protection Act.

Jim is a Certified Information Privacy Professional (CIPP) as designated by the International Association of Privacy Professionals (IAPP).


Polina Zvyagina is a Privacy Lawyer that specialized in Product work. She has worked at Apple, Uber and now Airbnb. She specializes in global scalable approaches to privacy by design, privacy training, product privacy and general privacy risk mitigation. 

Prior to her legal career, she worked as an investigator at the NYC Civilian Complaint Review Board, where she investigated allegations of police misconduct.


Stacey Schesser is the Supervising Deputy Attorney General for the Consumer Law Section’s Privacy Unit of the Office of the California Attorney General.  She began her career at the Attorney General’s Office in January 2007 in the Criminal Division, and was hired as one of the first deputies into the newly formed Privacy Unit in 2012.  She has also served as a staff attorney for the Third Circuit Court of Appeals in Philadelphia, and was a law clerk in the San Francisco District Attorney’s Office’s Hi-Tech Crimes Unit.  Stacey is a graduate of University of California—Berkeley School of Law, where she wrote on privacy law issues for the California Law Review and a participant in the Samuelson Law, Technology & Public Policy Clinic.  Before attending law school, Stacey was a grassroots organizer for two non-profit organizations in Washington, DC.


Drawing upon a unique combination of more than twenty years of technical, legal, policy, and business experience, Ms. Westby provides consulting and legal services to public and private sector clients around the world in the areas of privacy, security, cyber governance, incident response, and digital asset inventories and data mapping. Her cyber risk assessment methodology has been used by large multinational corporations in nearly every industry sector.  Her team has deep expertise in assessing industrial control and SCADA systems used in manufacturing, electrical grids, and critical infrastructure sectors. She also serves as Adjunct Professor to the Georgia Institute of Technology’s School of Computer Science and is a professional blogger for Forbes.

Ms. Westby is a member of the bars of the District of Columbia, Pennsylvania, and Colorado. She serves as chair of the American Bar Association’s (ABA) Privacy and Computer Crime Committee (Science & Technology Law Section) and co-chair of the Cybercrime Committee (Criminal Justice Section) and is serving a third term on the ABA President’s Cybersecurity Task Force.  She co-chaired the World Federation of Scientists’ (WFS) Permanent Monitoring Panel on Information Security and served on the ITU Secretary-General’s High Level Experts Group on Cybersecurity. 

Ms. Westby led the development of the International Toolkit on Cybercrime Legislation and is an editor and co-author of the 2010 WFS-ITU publication, The Quest for Cyber Peace. Ms. Westby is co-author and editor of four books on privacy, security, cybercrime, and enterprise security programs and author of two books on legal issues associated with cybersecurity research, all published by the ABA.  She speaks globally on these issues.

Previously, she launched In-Q-Tel for the CIA, was senior managing director at PricewaterhouseCoopers, was senior fellow and director of IT Studies for the Progress and Freedom Foundation, and was director of domestic policy for the U.S. Chamber of Commerce.  Ms. Westby practiced law at Shearman & Sterling and Paul, Weiss, Rifkind, Wharton & Garrison.  B.A., summa cum laude, University of Tulsa; J.D., magna cum laude, Georgetown University Law Center; Order of the Coif.  Ms. Westby is a member of the American Bar Foundation and the Cosmos Club.


Jah-Juin “Jared” Ho is an attorney with the Division of Privacy and Identity Protection (DPIP) at the Federal Trade Commission.  This Division of the FTC has responsibility for enforcing federal statutes and regulations that pertain to information security and consumer privacy.  Jared investigates and prosecutes violations of U.S. federal laws governing the privacy and security of consumer information and has worked on FTC enforcement actions under Section 5 of the Federal Trade Commission Act.  Prior to joining DPIP, Jared was an attorney in the FTC’s Office of Technology Research and Investigations.  Jared has also served as a Senior Policy Advisor in the Federal Communications Commission’s Enforcement Bureau where he advised on cases and rulemaking.

In addition to his federal service, Jared was a Deputy Attorney General for the State of New Jersey where he led his office’s privacy and data security efforts. He has also served as a visiting fellow at Princeton University’s Center for Information Technology Policy.