Skip to main content

Sixteenth Annual Institute on Privacy and Data Security Law

 
Author(s): Lisa J. Sotto, Thomas J. Smedinghoff, John B. Kennedy, Francoise Gilbert
Practice Area: Health Care, Intellectual Property, Privacy & Cybersecurity
Published: Jul 2015
ISBN: 9781402424588
PLI Item #: 57191
CHB Spine #: G1231, G1232

Francoise Gilbert focuses her practice on U.S. and global data privacy and cybersecurity in a wide variety of markets, including, among others, compliance with the European Union General Data Protection Regulation (GDPR) and other EU data protection laws, big data, cybersecurity, connected devices, intelligent vehicles, artificial intelligence, robots and other emerging technologies.

She counsels clients on complex issues related to evaluating and strategically managing privacy, security, and e-business risks. She assists in the design of product and services to help meet the company’s objectives within the constraints of compliance requirements; the development of compliance programs to meet data protection laws in a variety of markets, including the EU, Asia/Pacific, Middle East / Africa, and the Americas. She also advises clients in the development of internal programs to help drive a culture of privacy across entire organizations; product development strategies aimed at meeting the privacy-by-design and security-by-design principles; and addressing privacy and security in mergers and acquisitions, and other corporate and commercial transactions.

A sought-after speaker, Francoise Gilbert has been featured on numerous panels throughout the United States and internationally on privacy, security, the EU General Data Protection Regulation (GDPR), global privacy programs, cloud computing, connected objects, smart cities, robot law, risk management, outsourcing, information technology, and e-business law by industry groups, bar associations and trade associations.

In addition, Ms. Gilbert is the author of the leading two-volume treatise "Global Privacy and Security Law" which covers in depth the privacy and data protection laws of 68 countries on all continents. She has written numerous chapters in collective works and has published hundreds of articles in peer-reviewed publications, professional journals and magazines on privacy, security, emerging technologies, compliance, cybercrime, outsourcing, workplace privacy, information law, data governance, Internet law, eCommerce, children protection, and comparative law.

Concentrations

  • Information privacy and security, US and international
  • Artificial intelligence
  • Big data, data analytics
  • Interest-based advertising
  • Internet of Things, connected objects, intelligent vehicles, smart cities
  • Complex technology licensing; cloud computing; outsourcing
  • Blockchain


John Kennedy is a partner in Wiggin and Dana’s Corporate Department and a member of the Information Technology and Outsourcing, and Privacy and Information Security Groups.

In 25 years of practice, Mr. Kennedy has focused on transactions and counseling in the law of information technology, data privacy and security, intellectual property and e-commerce. His transactional practice includes outsourcing, software development and licensing, e-commerce transactions, technology transfer and intellectual property-intensive M&A, divestitures, joint ventures and re-structurings. His clients have included Fortune 500 as well as emerging companies in the financial services, technology, communications, media, energy and consumer products sectors.

Mr. Kennedy has negotiated complex information technology (IT) outsourcing services agreements involving cloud computing, IT infrastructure and software procurement, systems integration, software development and maintenance, voice and data services and disaster recovery and business continuity. He has also negotiated business process outsourcing (BPO) agreements for call centers and customer support services, finance and accounting services, human resources administration, enterprise procurement services, government passport and visa services, research and development services and supply chain management. His work in this area includes advising clients on all stages of the contract process, including RFP preparation and evaluation, vendor diligence, negotiation of definitive agreements and ongoing advice concerning governance, dispute management and amendments.

In Mr. Kennedy’s extensive practice in information privacy and security law, he has represented clients in connection with risk and compliance assessments of data privacy policies and practices, data breach preparedness and response, regulatory investigations of data practices, behavioral advertising campaigns and ‘privacy by design’ analyses of products and services in social media and mobile e-commerce, corporate information governance programs, international data transfers and compliance with U.S. state and federal data privacy and information security laws. His clients in this area include companies in the financial services, technology, media, energy and consumer products industries. He is the author of numerous articles on privacy and data security and since 2000 has co-chaired Practicing Law Institute’s Annual Privacy and Data Security Law Institute. Bloomberg BNA recently published Mr. Kennedy’s Privacy & Data Security Practice Portfolio Series, Cybersecurity and Privacy in Business Transactions: Managing Data Risk in Deals (March 2015).

He has been named in the Who’s Who of Business Lawyers for 2012 for Internet, e-Commerce and Data Protection (for more about the standards for inclusion in Who’s Who of Business Lawyers, please see www.whoswholegal.com/wwl100/methodology). Chambers USA ranks Mr. Kennedy nationally in their Outsourcing category (for more information about the standards for inclusion in Chambers USA, please see www.chambersandpartners.com/methodology). The Best Lawyers in America has named him for his work in Information Technology Law since 2009 (for more about the standards for inclusion in The Best Lawyers in America, please see www.bestlawyers.com/about/methodologybasic. aspx).  Recently he was elected to the The American Law Institute, the leading independent organization in the United States producing scholarly work to clarify, modernize, and otherwise improve the law.

Mr. Kennedy received his J.D. from Columbia Law School. He was a William Rainey Harper Fellow at the University of Chicago, where he earned an M.A. in English and American Literature, and graduated magna cum laude from Carleton College.


Named among The National Law Journal’s “100 Most Influential Lawyers,” Lisa Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New York office.  She also serves on the firm’s Executive Committee.  Lisa has received widespread recognition for her work in the areas of privacy and cybersecurity.  She was voted the world’s leading privacy advisor in all surveys by Computerworld magazine and has received top rankings for privacy and data security by Chambers and Partners and The Legal 500.  Lisa serves as the Chairperson of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee. 

Lisa assists clients in identifying, evaluating and managing risks associated with privacy and data security practices.  She advises clients on GLB, HIPAA, COPPA, CAN-SPAM, FCRA, VPPA, security breach notification laws, and other U.S. state and federal privacy and data security requirements (including HR rules), and global data protection laws (including those in the EU, Asia and Latin America).  More recently, Lisa’s work includes assisting dozens of clients in developing strategies for complying with the California Consumer Privacy Act of 2018.

Featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine, Lisa provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness.  Since 2005, she has advised clients on more than 1,600 cybersecurity and data breach incidents in the U.S. and abroad, including many of the seminal events.  Lisa is the editor and lead author of the legal treatise entitled Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business. 

Lisa is chair of the New York Privacy Officers’ Forum and a former member of the Board of Directors of IAPP.  She received her J.D. from the University of Pennsylvania Law School, where she was an editor of the Law Review.  She received her B.A. from Cornell University, with Distinction in All Subjects.  Lisa is admitted to practice in New York.


 


Thomas J. Smedinghoff is Of Counsel in the Privacy & Cybersecurity practice group in the Chicago office of Locke Lord LLP.  His practice focuses on the developing field of information law and electronic business activities, and he has been actively involved in developing e-business, e-signature, identity management, and data security legal policy both in the U.S. and globally. 

He currently serves as a member of the ABA’s Cybersecurity Legal Task Force, and is Chair of the Identity Management Legal Task Force and Co-Chair of the Cybersecurity Subcommittee in the Business Law Section’s Cyberspace Committee. He is also an advisor to the U.S. Delegation to the United Nations Commission on International Trade Law (UNCITRAL), and in that capacity he helped to negotiate the international e-commerce treaty known as the United Nations Convention on the Use of Electronic Communications in International Contract. He is currently working with UNCITRAL to address international electronic identity management issues. He also serves as an Advisor to the Uniform Law Commission Study Committee on Identity Management in Electronic Commerce.       

Tom is co-editor and contributing author of the Guide to Cybersecurity Due Diligence in M&A Transactions (ABA, 2017), and a contributing author to the 1st and 2nd editions of The ABA Cybersecurity Handbook - A Resource for Attorneys, Law Firms & Business Professionals (ABA, 2013 and 2018).  He is also the author of the book titled Information Security Law: The Emerging Standard for Corporate Compliance, (2008), and editor and primary author of the e-commerce book titled Online Law: The Legal Guide to Doing Business on the Internet (1996). He can be reached at Tom.Smedinghoff@lockelord.com