We’d welcome your feedback! Click here to take a brief Customer Satisfaction Survey to let us know how we can improve your experience.
Skip to main content

Privacy and Data Security Law Institute (Thirteenth Annual)


Speaker(s): Alexandra Ross, Beth Givens, Cathy Bump, Christine E. Lyon, Dominique R. Shelton, Felix S. Sterling, Francoise Gilbert, Geff Brown, Holly K. Towle, Ian C. Ballon, Jeanette Fitzgerald, Jishnu Menon, Joanne McNabb, Jonathan D. Avila, Kathryn J. Fritz, Laura D. Berger, Liisa M. Thomas, Lindsey Finch, Marc S. Crandall, Matthew F. Fitzsimmons, MeMe Jacobs Rasmussen, Merri A. Baldwin, Paola Zeni, Paula Selis, Rebecca Matthias, Rosanne Model, Rudy Guyon, Sharon A. Anolik, Stephen S. Wu, W. Reece Hirsch, Winston Krone
Recorded on: May. 21, 2012
PLI Program #: 34384

Jishnu Menon contributes to Mozilla's mission of keeping the web open by working on the legal and policy side of its products, including Firefox, Boot to Gecko, Persona, Open Badges and Marketplace. Prior to joining Mozilla, Jishnu had worked at Adobe Systems, Wilson Sonsini Goodrich & Rosati and a social networking start-up. Jishnu's practice has included representing clients from large public companies to nascent start ups on a wide range of issues, including privacy/data issues, technology and content licensing, commercial agreements, open source, counseling and strategy around intellectual property/internet law, and business model and deal strategy.


Lindsey Finch is salesforce.com's Senior Global Privacy Counsel. In this role, Lindsey leads salesforce.com's global privacy program, including developing and implementing salesforce.com's privacy policies and practices, training employees on their privacy responsibilities, working directly with salesforce.com's customers on their privacy and data protection concerns, and partnering with salesforce.com's technology team to build privacy into salesforce.com's service architecture.  A practicing attorney and Certified Information Privacy Professional (CIPP), Lindsey reports directly to salesforce.com's General Counsel. Prior to joining salesforce.com, Lindsey was Privacy Counsel at General Electric. Before and during law school, Lindsey worked on privacy-related issues at the U.S. Federal Trade Commission and the U.S. Department of Homeland Security. Lindsey received her Juris Doctor from American University, Washington College of Law and her Bachelor of Arts in Communication and Political Science from the University of California, San Diego. Lindsey is a member of the California Bar. 


Cathy Bump serves as Senior Privacy Counsel for Expedia, Inc. She oversees global compliance with privacy and data security laws across Expedia's subsidiary brands, including Expedia, Hotels.com, Hotwire, and Egencia. Cathy is responsible for Expedia's implementation and maintenance of best practices in connection with privacy, works closely with Expedia's Information Security Team to implement both internal and third party data safeguards, and also guides the shaping of Expedia's positions on privacy issues and legislation.

She also serves as Co-Chair of the Bay Area Association of Corporate Counsel (ACC) Privacy & eCommerce Committee. 

Prior to joining Expedia, she held the position of Vice President of Policy & Legal for TRUSTe, the leading online privacy standard-setting and seal organization. An attorney with diverse experience - encompassing business, litigation, and policy issues -- she initially began specializing in privacy and data security while serving as in-house privacy counsel for Intuit Inc. 

Cathy holds a J.D. from Hastings College of the Law and a B.A. in political science from Stanford University. She has been a Certified Information Privacy Professional (CIPP) since 2004.


Felix Sterling
 

As senior vice president and general counsel of Trend Micro's global legal department, Felix leads a team with legal oversight responsibility for corporate governance, compliance, product development, channels, sales, human resources, business operations, and all other legal matters for Trend Micro and its global subsidiaries. In addition, he serves as Chairman of Trend's Global Policy Committee, and as Site Executive for Trend's North America headquarters. Felix also enjoys working on strategic and operational challenges, and leads various cross-functional initiatives to optimize business processes and support the SaaS business model.   

Prior to joining Trend Micro, Felix was a vice president and AGC at VeriSign.  He had previously been a member of the Yahoo! legal team, after starting his legal career in the litigation and technology transaction groups of Wilson, Sonsini, Goodrich & Rosati, a premier technology law firm.  Before law school, he studied cognitive science and human factors engineering in graduate school and worked in the Flight Human Factors Division at the NASA-Ames Research Center.
 
Felix holds a juris doctor degree from the University of California at Davis, where he was Editor-in-Chief of the King Hall Advocate and the Western U.S. A.B.A. moot court champion. He also holds a bachelor's degree (with honors) from the University of California at Santa Cruz.


Paula Selis is Senior Counsel for the Consumer Protection Division of the Washington State Attorney General's Office. Her responsibilities include litigation, legislation, and business and consumer education.  She has been with the office since 1982.

 Ms. Selis' areas of focus have included telemarketing, auto dealers, credit reporting and advertising. She has been responsible for heading the Office's Telemarketing Focus Group. On a national level, she has worked with the National Association of Attorneys General on a variety of issues, including cross-border telemarketing fraud, Internet fraud, and privacy. Since 1999, she has been the head of the Attorney General's Office Consumer Protection High Tech Unit, where her cases have centered on such issues as online privacy, Internet auction fraud, junk email, business opportunity scams and health care fraud.  She has co-authored articles on Internet Auction Fraud and Privacy Policy Best Practices with the Shidler Center for Law, Commerce and Technology at the University of Washington Law School. Ms. Selis is an adjunct professor at Seattle University Law School where she teaches consumer protection law and privacy law.

 In addition to litigation, Ms. Selis has also worked on numerous bills sponsored by the Attorney General, including legislation regulating telemarketing, 900-numbers, credit reporting, auto brokering, going-out-of-business sales, unsolicited electronic mail, the promotional advertising of prizes, identity theft and consumer financial privacy.

 Ms. Selis is a graduate of Dartmouth College and the Seattle University Law School.


Rudy Guyon advises global information technology businesses on commercial contracts and complex licensing transactions; international privacy and regulatory compliance; and technology products development and marketing. Previously Rudy has practiced as in-house counsel for Fujitsu America and its affiliates, at the Silicon Valley Law Group, and at Matsubara Muraki International Patent Law Office.  Rudy has lived and worked abroad in Japan and Europe, and speaks pretty good Japanese. Rudy graduated from the UCLA School of Law and U.C. Berkeley, is a Certified Information Privacy Professional (CIPP/US), and currently co-chairs the Privacy, E-Commerce and Social Media Committee of the Bay Area Chapter of the Association of Corporate Counsel. He has taught law at universities in Tokyo, Japan and Bucharest, Romania.  Rudy has broad experience with developing and marketing software, hardware and Internet products. He is interested in the outdoors, international business, and leading edge technology developments, such as the growth of the Cloud and smart grids. 


Merri Baldwin is a shareholder at Rogers Joseph O’Donnell in San Francisco, where her practice focuses on attorney liability and commercial litigation. She handles claims of legal malpractice and breach of fiduciary duty, as well as motions to disqualify and for sanctions. She regularly counsels lawyers and law firms on legal ethics and law practice management issues. She represents attorneys in disciplinary matters before the State Bar of California, and has extensive experience handling attorney-client fee disputes. Ms. Baldwin is a past chair of the State Bar of California Committee on Professional Responsibility and Conduct. She is a co-chair of the Legal Malpractice subcommittee for the American Bar Association Litigation Section Committee on Professional Services Litigation. Ms. Baldwin served as the President of the Bar Association of San Francisco for 2017. Ms. Baldwin frequently lectures to attorneys and professional organizations on issues related to litigation, legal malpractice and ethics issues, and she is a lecturer at the University of California at Berkeley School of Law, where she teaches professional responsibility. Ms. Baldwin co-edited The Law of Lawyers’ Liability (ABA/First Chair Press 2012) and has served as a consulting editor for the Attorney Fee Agreement Forms Manual, published by Continuing Education of the Bar, California. Prior to law school, Ms. Baldwin was a Fulbright Scholar at the London School of Economics.

Education

J.D., University of California at Berkeley,
School of Law (Boalt Hall)

B.A., Smith College
Magna Cum Laude with high honors


Alexandra Ross is Director, Global Privacy and Data Security Counsel at Autodesk, Inc., a leader in 3D design, engineering and entertainment software. Previously she was Senior Counsel at Paragon Legal and Associate General Counsel for Wal-Mart Stores. She is a certified information privacy professional (CIPP/US, CIPP/E, CIPM, CIPT and FIP) and practices in San Francisco, California. She holds a law degree from Hastings College of Law and a B.S. in theater from Northwestern University. Alexandra is a recipient of the 2019 Bay Area Corporate Counsel Award – Privacy.

Alexandra launched The Privacy Guru blog in January of 2014 and has published an ebook Privacy for Humans (available on Amazon and iTunes).


Beth Givens is founder and executive director of the Privacy Rights Clearinghouse (PRC), established in 1992. The PRC is a nonprofit consumer education and advocacy organization, based in San Diego, California. Its mission is to engage, educate and empower individuals to protect their privacy. Givens and her organization represent the interests of consumers in public policy proceedings at the state and federal levels. She and her colleagues are often interviewed by the media on consumer privacy issues.

The PRC’s many consumer guides cover a broad range of informational privacy topics, including: credit reporting, identity theft, data breaches, online privacy, medical records, workplace issues, online data brokers, employment background checks, computer security, debt collection, education, telemarketing, and smartphones.

Givens has participated in numerous task forces and commissions including: California Attorney General Do-Not-Track Working Group, Consumer Federation of America Identity Theft Services Best Practices Task Force, Consumer Federation of America Cloud Computing Working Group, California Judicial Council Working Group on Personal Information and Court Outsourcing, California Real ID Act Privacy and Security Work Group, and California Radio Frequency ID Advisory Committee.

Givens co-authored a chapter on identity theft in Protection, Security and Safeguards (2nd ed,, 2013). She contributed a chapter on consumer and privacy rights to the 2006 book, RFID: Applications, Security and Privacy.  She authored the encyclopedia entries on identity theft for Encyclopedia of Privacy (2007), World Book Encyclopedia (2004) and Encyclopedia of Crime and Punishment (2002). Givens is author of an early book on informational privacy, The Privacy Rights Handbook (Avon, 1997), and is co-author of another early guide, Privacy Piracy: A Guide to Protecting Yourself from Identity Theft (1999), with Mari Frank, Esq.

Prior to her work as a consumer advocate, Givens was a librarian specializing in library network development and resource sharing.  Givens has a master’s degree in Communications Management from the University of Southern California Annenberg School for Communication, and a master’s degree in Library and Information Services from the University of Denver. She is a member of the International Association of Privacy Professionals.


Christine Lyon advises organizations on cutting-edge issues related to the collection, use, sharing, and safeguarding of data, including personal information of customers and employees. She serves as a trusted advisor, working with clients to develop global strategies to comply with U.S. and international privacy and data protection laws.

Christine’s practice spans a variety of industry sectors, from information technology services to consumer products, and covers clients ranging from start-ups to large multinationals. She advises technology companies on building privacy protections into their offerings, including connected products and services (Internet of Things), cloud-based and mobile services, and social media initiatives, as well as on managing the related “Big Data” implications. She also assists clients in evaluating and managing privacy risks, including in strategic transactions such as IT outsourcing, and mergers and acquisitions.

Legal 500 US recognized Ms. Lyon as a “rising star” in the area of privacy and data protection and recommended her for cyber law, and she received The Burton Award for Distinguished Legal Writing. She frequently writes and speaks on the topics of global data protection laws, workplace privacy issues, and data security laws. She is a co-editor of Global Employee Privacy and Data Security Law (BNA Books) and a member of the editorial board of the World Data Protection Report.


Dominique Shelton is a litigation partner in Alston & Bird's Los Angeles office. She focuses her practice on complex commercial litigation, with particular attention to intellectual property and privacy litigation, as well as unfair competition and antitrust matters. Dominique also provides strategic compliance counseling in digital marketing and data privacy on cutting edge issues, such as mobile privacy, Big Data, Do Not Track and behavioral advertising, among others. In 2012, she was named Intellectual Property Lawyer of the Year by the Century City Bar Association.

She has litigated matters involving various state and federal laws, such as  the Fair Credit Reporting Act, Telephone Consumer Protection Act, Federal Trade Commission Act, Electronic Communications Privacy Act, Computer Fraud & Abuse Act, California False Advertising Law (Business & Professions Code §17500), California Unfair Competition Law (Business & Professions Code §17200) and California Penal Code § 502. She has also negotiated with the CA AG and FTC.

Dominique's clients are Fortune 500 companies, start-up ventures and privately held companies across a broad spectrum of industries that include media and entertainment, technology, broadcasting, digital sales and marketing, advertising, wireless/mobile, Internet, lead generation, manufacturing and electrical, software, telecommunications, legal services, automotive parts and services, dietary supplement, food and health/beauty.

Memberships

  • Member, International Association of Privacy Professionals
  • Board of Directors, Federal Bar Association of Los Angeles
  • Member, Magistrate Judge Merit Selection Panel for the United States District Court, Central District of California (December 2011-present)
  • Member 2007, Chair 2011-2012, Entertainment & Intellectual Property Law Section (ELIPS), LA County Bar Association
  • Lawyer Representative to the Ninth Circuit Judicial Conference
  • Board Member 2007-2010, Big Brothers Big Sisters of Greater Los Angeles
  • President 2005-2006, Women Lawyers Association of Los Angeles
  • Life member, National Bar Association Black Women Lawyers
  • Board member 2004-2006, California Women Lawyers Association

 
Education

Georgetown University (J.D., 1991)

Brown University (B.A., 1988)

Admitted to Practice 

California


 


Francoise Gilbert focuses her practice on U.S. and global data privacy and cybersecurity in a wide variety of markets, including, among others, compliance with the European Union General Data Protection Regulation (GDPR) and other EU data protection laws, big data, cybersecurity, connected devices, intelligent vehicles, artificial intelligence, robots and other emerging technologies.

She counsels clients on complex issues related to evaluating and strategically managing privacy, security, and e-business risks. She assists in the design of product and services to help meet the company’s objectives within the constraints of compliance requirements; the development of compliance programs to meet data protection laws in a variety of markets, including the EU, Asia/Pacific, Middle East / Africa, and the Americas. She also advises clients in the development of internal programs to help drive a culture of privacy across entire organizations; product development strategies aimed at meeting the privacy-by-design and security-by-design principles; and addressing privacy and security in mergers and acquisitions, and other corporate and commercial transactions.

A sought-after speaker, Francoise Gilbert has been featured on numerous panels throughout the United States and internationally on privacy, security, the EU General Data Protection Regulation (GDPR), global privacy programs, cloud computing, connected objects, smart cities, robot law, risk management, outsourcing, information technology, and e-business law by industry groups, bar associations and trade associations.

In addition, Ms. Gilbert is the author of the leading two-volume treatise "Global Privacy and Security Law" which covers in depth the privacy and data protection laws of 68 countries on all continents. She has written numerous chapters in collective works and has published hundreds of articles in peer-reviewed publications, professional journals and magazines on privacy, security, emerging technologies, compliance, cybercrime, outsourcing, workplace privacy, information law, data governance, Internet law, eCommerce, children protection, and comparative law.

Concentrations

  • Information privacy and security, US and international
  • Artificial intelligence
  • Big data, data analytics
  • Interest-based advertising
  • Internet of Things, connected objects, intelligent vehicles, smart cities
  • Complex technology licensing; cloud computing; outsourcing
  • Blockchain


Jeanette Fitzgerald is Executive Vice President, General Counsel and Chief Privacy Officer for Epsilon, a global data-driven marketing firm recognized by Ad Age as the #1 U.S. agency from all disciplines and the #1 global direct marketing network.

As Chief Privacy Officer, Jeanette leads Epsilon’s government affairs, legislative and regulatory initiatives related to data protection and privacy. With her extensive knowledge of data privacy issues, she has spoken before domestic and international industry associations about the implications of data privacy for businesses and consumers, and has provided testimony before U.S. Congressional committees.

In addition, Jeanette leads and manages all legal strategy for Epsilon, including counsel related to mergers and acquisitions activity for the company.

Prior to joining Epsilon, Jeanette served as Vice President and Assistant General Counsel for five years at Alliance Data, the parent company of Epsilon, and was pivotal in Alliance Data’s acquisition of Epsilon. At Alliance Data, Jeanette provided strategic counsel on issues ranging from intellectual property to M&A activity.


Jonathan Avila joined Walmart Stores, Inc. as Vice President, Chief Privacy Officer in October 2012.  Mr. Avila is responsible for the worldwide data privacy and records management program for Walmart’s operations involving 11,000 retail locations with more than two million employees in 27 countries, as well as Walmart’s e-commerce websites in ten countries.  Mr. Avila previously served as Vice President -- Counsel, Chief Privacy Officer of The Walt Disney Company.  Mr. Avila initiated the data privacy program at Disney in 2001 and led the development of Disney's enterprise privacy compliance program covering all of Disney's online and offline business activities in the nearly 50 countries in which Disney operates.

Mr. Avila has been active in the international data privacy community, having served for five years on the board of directors of the International Association of Privacy Professionals, including serving as President of the IAPP in 2009.  Mr. Avila has spoken at numerous conferences on data privacy issues, including conferences of the international data privacy commissioners sponsored by the governments of Spain and Mexico.  Mr. Avila is a co-author of Privacy Compliance and Litigation in California (CEB 2014).  Mr. Avila served on the advisory committee to the California Office of Privacy Protection on the development of its guidance on California's "Shine the Light" law relating to business' information sharing practices.  Mr. Avila also has taught on the subject of privacy law as an Adjunct Professor of the School of Law of the University of Arkansas.

Mr. Avila began his career as a law clerk to Judge W. Eugene Davis of the United States Court of Appeals for the Fifth Circuit.  Mr. Avila later was an associate with Latham & Watkins, and Litigation Counsel with the CBS television network.  Before joining Disney, Mr. Avila served as General Counsel Chief Privacy Officer of MValue.com, Inc., a venture capital funded Internet company.

Mr. Avila graduated with a B.A. from Yale University and a J.D. from Harvard Law School.  Mr. Avila also holds a diploma from the University of Salamanca (Spain) and holds the Certified Information Privacy Professional credential issued by the IAPP.


Kathryn J. Fritz is a partner in the Litigation, Intellectual Property and Privacy Groups of Fenwick & West, a law firm focusing on technology and life sciences matters. Ms. Fritz is resident in the firm’s San Francisco office. She served as the firm’s Managing Partner from 2006 through 2017.

Ms. Fritz’s practice concentrates on business and intellectual property litigation, with an emphasis on trademark, right of publicity and copyright, especially as applied to new technology areas. She has represented and advised software publishers, computer hardware manufacturers, gaming and digital media companies, entertainment companies, traditional media publishers and consumer products companies on commercial and intellectual property issues.

PROFESSIONAL ACTIVITES AND RECOGNITION

Ms. Fritz writes and speaks regularly on intellectual property issues to groups that include the Federal Judicial Center and Practicing Law Institute, and since 1999 has taught an advanced trademark law seminar at UC Berkeley School of Law.

She was named to The National Law Journal’s 75 Outstanding Women Lawyers in 2015; has been named to The Recorder’s list of Top 50 Women Leaders in Tech Law and, in 2015, was additionally designated as one of 10 “Power Players.”

Ms. Fritz has been a member of the Board of Trustees of the Santa Clara County Bar Association and the Board of Directors of the Bar Association of San Francisco, and she is active in diversity initiatives in the profession.

PRO BONO INVOLEMENT

Ms. Fritz has been actively involved in pro bono, representing documentary filmmakers in intellectual property matters, a client on California’s death row in this federal habeas corpus petition, ultimately achieving a reversal of his death sentence, and clients in political asylum petitions.

Ms. Fritz is also active in the greater pro bono community. She is currently a member of the Board of Directors of Equal Justice Works and the Board of Directors of Bay Area Legal Aid, and a member of the Pro Bono Institute’s Law Firm Advisory Board. She previously served the Legal Service Corporation’s Pro Bono Task Force and was co-chair of its Subcommittee on Technology Best Practices. She was recently honored by OneJustice for her pro bono leadership.

EDUCATION AND ADMISSIONS

Ms. Fritz received her B.A., magna cum laude, from the University of California at Santa Barbara, where she was a member of Phi Beta Kappa and a University of California Regents’ Scholar. She received her J.D., cum laude, from Georgetown University Law Center, where she was Research Editor of the American Criminal Law Review. She is a member of the State Bars of New York and California, and numerous federal courts.


Liisa Thomas is a Partner in Sheppard Mullin’s Chicago and London offices, and Practice Group Leader of its Privacy and Cybersecurity Team.  Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.”  Ms. Thomas is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and external practitioners alike.”  She is known as an industry leader in the privacy and data security space and is consistently recognized by Leading Lawyers Network, Chambers and The Legal 500.  Ms. Thomas was named to Cybersecurity Docket's "Incident Response 30," honoring 30 incident response professionals critical to managing data breaches (in both 2016 and 2018).  Ms. Thomas was recognized as the 2017 Data Protection Lawyer of the Year – USA by Global 100, the 2017 U.S. Data Protection Lawyer of the Year by Finance Monthly, and the “Best in Data Security Law Services” at Corporate LiveWire’s 2017 Global Awards.  She received her J.D. from the University of Chicago in 1996 and is admitted in Illinois and the District of Columbia.


Marc S. Crandall serves as head of global compliance, enterprise, at Google, where he addresses security and privacy compliance matters regarding Google’s cloud-based services. Marc has also served as product counsel for Google, where he addressed legal issues concerning the development and deployment of Google technology. He works to achieve compliance with US and international laws and regulations dealing with privacy, law enforcement, system security, intellectual property, content regulation, telecommunications, consumer protection, advertising, and child online protection. He also served a member of the advisory counsel of the non-profit organization American Registry for Internet Numbers, addressing policy matters associated with the dissemination of all Internet protocol addresses for North America.

Prior to joining Google in 2006, Marc served as assistant general counsel with the science and technology law unit of the United States Federal Bureau of Investigation (FBI). As principal legal adviser to the cyber division at FBI headquarters in Washington, DC, he provided legal counsel and policy advice concerning issues involving Internet forensics, computer intrusions, crimes against children, counterterrorism and counterintelligence operations, intellectual property enforcement, privacy and white collar crime. He also served as a lecturer at the FBI Academy. In 2004, he was appointed by the White House National Security Council office to serve as liaison to private industry for matters relating to Internet forensics and infrastructure security. He also regularly served as a member of the United States delegation to the Internet Corporation for Assigned Names and Numbers (ICANN) governmental advisory committee and on the United Nations working group on Internet governance and world summit on the information society.

Before joining the FBI, Marc served as corporations counsel and lead counsel of Internet compliance and enforcement with the California Department of Corporations, California's investment and finance authority. There, he developed policy and executed legal duties in the field of Internet forensics, undercover operations, evidence collection, litigation, and the application of evidentiary, privacy and transactional laws to the Internet. He also created and led the State's first team dedicated to combating Internet-based investment fraud. During this time, Marc was appointed as a special assistant U.S. attorney with the United States Department of Justice, investigating and prosecuting violations of federal law.

Marc earned a bachelor of arts degree from the University of California, Los Angeles and a juris doctor from Pepperdine University School of Law. He also holds a certification with the International Association of Privacy Professionals.


MeMe Jacobs Rasmussen is chief privacy officer, vice president, and associate general counsel at Adobe. In her role, Jacobs Rasmussen oversees Adobe’s privacy strategy and policy. She also leads a team of attorneys and paralegals with responsibility for providing legal services to Adobe’s cloud teams.

Prior to joining Adobe in 1997, Jacobs Rasmussen served as general counsel and later chief operating officer at Rocket Science Games. Previously, she practiced law at Gray Cary Ware & Freidenrich in Palo Alto, California, and at Foley, Hoag & Eliot in Boston. Jacobs Rasmussen started her career in the early 80s as a technical instructor at Prime Computer near Boston before joining the company’s in-house legal department.

Jacobs Rasmussen is a member of the California bar. She holds a law degree from Suffolk University and a bachelor’s of science degree in computer science from the University of Vermont.

Adobe is changing the world through digital experiences. For more information, visit www.adobe.com.


Paola Zeni is a member of the Legal Department at Palo Alto Networks, the next-generation security company. As Senior Director of Global Privacy, her mission is to ensure that privacy is incorporated in the security fabric provided by Palo Alto Networks, by working cross-functionally with all teams at the company. Paola is a veteran of the information security industry, having worked for years at Symantec, where she led the Privacy Program Office, and has been working on privacy issues for more than 15 years, first in Europe for HP and Agilent Technologies, and later in the US as Global Privacy Lead for Agilent. She has a Law Degree from the Catholic University of Milan and a LLM in US Law from the University of Santa Clara. She is member of the IAPP, has practiced in Italy, and is a member of the California Bar.


Rebecca Matthias is the Assistant General Counsel and Director of Privacy at VMware (the global leader in virtualization and cloud infrastructure, delivering solutions to over 99% of Fortune 1000 and 97% of Fortune Global 500 companies).  Rebecca leads VMware’s global privacy team and is responsible for developing and administering VMware’s privacy program and practices.  Recent initiatives have involved supporting VMware’s cloud offerings for US and EU rollout.  Prior to joining VMware, Rebecca handled compliance matters, including privacy, for VeriSign, Inc.  She also worked for VeriSign as a product attorney for both the SSL and Registry divisions, advising on marketing and product development.  Before moving in-house, Rebecca was a senior associate for Coudert Brothers in Kazakhstan, Russia, London and Washington, D.C.  At Coudert Brothers she provided advice on international corporate transactional, IP, compliance and telecoms matters. 

Rebecca received her J.D. from the University of Virginia School of Law, where she was on the Editorial Board of the Virginia Journal of International Law.  She earned her B.A. in Russian Studies from the University of Virginia, and was awarded Phi Beta Kappa.

Rebecca has been CIPP/US certified since 2006, and has also earned the CIPP/IT and CIPP/E certifications.  She regularly speaks on privacy and related security matters, most recently at the 2014 RSA Conference.


Reece Hirsch is a partner in the San Francisco office of Morgan Lewis specializing in privacy and security law. Reece has particular expertise with regard to healthcare privacy, and he advises clients from every sector of the healthcare industry on compliance with HIPAA, the HITECH Act and state medical privacy laws.  He also advises non-healthcare industry clients on a wide range of privacy and security issues, including security breach response, Internet privacy, compliance program development, and financial and insurance privacy regulation. Reece has served on advisory committees to the California Office of Privacy Protection on security breach notification and medical identity theft best practices, and is a member of the editorial advisory boards of BNA's Health Law Reporter and Healthcare Informatics. He also serves on the board of directors of 826 National, a San-Francisco based non-profit organization that provides writing programs for young people in underserved communities.

 


Rosanne Model is the Corporate Compliance Officer for Bio-Rad Laboratories, Inc. (NYSE: BIO and BIOb), a multinational manufacturer and distributor of life science research and clinical diagnostic products. Rosanne joined the company in December 2011. She reports to the President and CEO of Bio-Rad. Rosanne is responsible for the Company's efforts to maintain effective best practices compliance programs. She currently focuses on the U.S. FCPA and other countries' anti-bribery laws as well as the US Open Payments Program (Sunshine). Prior to joining Bio-Rad, Rosanne was the lead international operations and compliance lawyer at Hyatt's headquarters in Chicago. She provided advice on a diverse range of commercial matters as well as ethics/compliance and corporate social responsibility for Hyatt's International Operations Management Team and Hyatt's Divisional Offices and hotels in more than 45 countries. Rosanne was the co-leader of Hyatt's Data Privacy Task Force and the co-author of Hyatt's Global Privacy Program. Prior to Hyatt, Rosanne was senior international counsel for Chevron and its predecessors, Texaco and Caltex, and was based both in the US and in Singapore. At Chevron, she was the lead lawyer for international divisions and foreign subsidiaries with complex operations in West Africa and the Caribbean and she provided daily advice on transactions and US compliance in Latin America, Asia, and the Middle East. She is a fluent French speaker and is conversant in Spanish. Rosanne has a keen interest in issues at the intersection of public policy, business, and the law. Rosanne received her M.P.A. from Harvard's Kennedy School of Government and her J.D., cum laude, from the University of Miami School of Law, where she was a member of the Law Review, and earned her B.A., from Mount Holyoke College, which included studies at l'Institut d'Études Politiques in Paris.

 


Sharon Anolik is Vice President, Global Privacy Risk & Strategy Leader for McKesson, a leading healthcare services and information technology company. 

Previously, she was Chief Privacy Official and Director of Corporate Compliance & Ethics for Blue Shield of California, overseeing award-winning programs in privacy, corporate compliance, records management and legislative implementation.

Sharon has also served as Chief Privacy Officer & Associate General Counsel for Ask Jeeves; Deputy City Attorney for the city of San Francisco; in-house counsel for several technology companies; a Privacy specialist for Deloitte; and a judicial clerk to the California Supreme Court.  A frequent industry speaker, Sharon sits on the Corporate Compliance, Privacy and Audit Committee of the El Camino Hospital Board, several privacy advisory boards and teaches Cyberlaw and Privacy at Golden Gate University Law School.

Sharon can be reached at sharon.anolik@mckesson.com


Stephen S. Wu is a shareholder with Silicon Valley Law Group in San Jose, California.  He advises clients on transactions, compliance, liability, security, and privacy matters regarding the latest technologies in areas such as robotics, artificial intelligence, automated transportation, the Internet of Things, and Big Data.  He helps clients with domestic and international privacy and security matters in negotiating agreements, incident response, breach notification, litigation, and managing privacy and security programs, certifications, and audits.  He counsels clients concerning cyber-risk insurance policies and coverage and risk management strategies.  In addition, he advises clients on secure electronic commerce using digital signatures, other secure electronic signatures, electronic credentials such as digital certificates, encryption, and public key infrastructure.

From 1997 to 2001, Mr. Wu was VeriSign, Inc.’s second in-house attorney, where he managed the development and deployment of worldwide policies and procedures for VeriSign’s digital certification Internet security services.  Before his work at VeriSign, he practiced with two international law firms in the areas of intellectual property and general litigation, as well as technology transactions.

Mr. Wu served as Chair of the American Bar Association Section of Science and Technology Law from 2010 to 2011.  From 2001 to 2004, Mr. Wu was Co-Chair of the Section’s Information Security Committee.  He helped found the Section’s Artificial Intelligence and Robotics, Internet of Things, Big Data, and Homeland Security Committees.

Mr. Wu has written or co-written seven books on information security law, including his most recent publications: A Guide to HIPAA Security and the Law Second Edition (2016) and A Legal Guide to Enterprise Mobile Device Management:  Managing Bring Your Own Device (BYOD) and Employer-Issued Device Programs (2013).  He has written numerous book chapters and articles on data protection, artificial intelligence, and robotics topics.  He is a frequent speaker at industry conferences and continuing legal education programs on information security, EU’s General Data Protection Regulation, artificial intelligence, robotics, autonomous driving, and other cutting edge technologies.

Mr. Wu received a Bachelor of Arts degree from the University of Pittsburgh in 1985, and graduated from Harvard Law School in 1988 with a Juris Doctor degree..


Ian C. Ballon is Co-Chair of Greenberg Traurig LLP’s Global Intellectual Property & Technology Practice Group and represents internet, mobile, entertainment and technology companies in defending data privacy, security breach and TCPA class action suits and in other intellectual property and technology litigation. A list of recent cases may be found at http://www.gtlaw.com/Ian-C-Ballon-experience.

He is also the author of the leading treatise on internet and mobile law, E-Commerce and Internet Law: Treatise with Forms 2d edition, the 5-volume set published by West (www.IanBallon.net), which includes extensive coverage of security breach and data privacy issues. In addition, he is the author of The Complete CAN-SPAM Act Handbook (West 2008) and The Complete State Security Breach Notification Compliance Handbook (West 2009). He also serves as Executive Director of Stanford University Law School’s Center for E-Commerce, which hosts the annual Best Practices Conference where lawyers, scholars and judges are regularly featured and interact.

Ian was named the Lawyer of the Year for Information Technology Law in the 2019, 2018, 2016 and 2013 editions of Best Lawyers in America and was recognized as the 2012 New Media Lawyer of the Year by the Century City Bar Association. In both 2018 and 2019 he was recognized as one of the Top 1,000 trademark attorneys in the world for his litigation practice by World Trademark Review. In addition, in 2019 he was named one of the top 20 Cybersecurity lawyers in California and in 2018 one of the Top Cybersecurity/Artificial Intelligence lawyers in California by the Los Angeles and San Francisco Daily Journal. He received the “Trailblazer” Award, Intellectual Property, 2017 from The National Law Journal and he has been recognized as a “Groundbreaker” in The Recorder’s 2017 Litigation Departments of the Year Awards. In 2010, he was the recipient of the California State Bar Intellectual Property Law section's Vanguard Award for significant contributions to the development of intellectual property law (http://ipsection.calbar.ca.gov/IntellectualPropertyLaw/IPVanguardAwards.aspx).

Mr. Ballon was listed in Variety's "Legal Impact Report: 50 Game-Changing Attorneys" and has been named by the LA Daily Journal as one of the Top 75 intellectual property litigators in California in every year that the list has been published (2009 through 2018) and as one of the top 100 lawyers in California. He is also listed in Legal 500 U.S., The Best Lawyers in America (in the areas of information technology and intellectual property) and Chambers and Partners USA Guide in the areas of privacy and data security and information technology. Mr. Ballon also holds the CIPP/US certification from the International Association of Privacy Professionals (IAPP).

Ian can be reached at: Ballon@gtlaw.com, 310-586-6575 or via leading social media platforms (IanBallon).


Laura D. Berger is an attorney in the Division of Privacy and Identity Protection at the Federal Trade Commission. She enforces federal laws that protect consumer privacy. Recently, her law enforcement work has focused on the privacy and security standards applicable to social media and to the Internet of Things. She also has worked on the agency's efforts to educate app developers about privacy, including the recent guide “Marketing Your Mobile App: Get it Right from the Start.” In addition, she was author of the Commission's Safeguards Rule. She received a B.A. from Tulane University and a J.D. from the University of Michigan Law School. She works from the FTC's Regional Office in San Francisco.


McNabb is the Director of Privacy Education and Policy in the Privacy Enforcement and Protection Unit of the California Attorney General’s Office. In that role, she is responsible for developing resources for consumers on a wide range of privacy topics and for businesses on their privacy obligations and best practices.  Her responsibilities also include analyzing and reporting on the data breaches submitted to the Attorney General’s Office, speaking at privacy seminars and workshops, analyzing privacy legislation, and advising the Attorney General on privacy issues.

McNabb is a Certified Information Privacy Professional, with specializations in Government and Information Technology. She serves on the Privacy Advisory Committee to the U.S. Department of Homeland Security and the ANSI Consumer Interest Forum, and is a Fellow of the Ponemon Institute, a research center on privacy, data protection and information security policy. From 2001 until 2012, McNabb directed the California Office of Privacy Protection, a resource and advocate on privacy issues. Before that she worked in public affairs and marketing, in both the public and private sectors.  She attended Occidental College and holds a master’s degree in Medieval Literature from the University of California, Davis.


Holly K. Towle is a partner with K&L Gates LLP, an international law firm. Ms. Towle's practice focuses on payment systems, privacy and data security, electronic business issues such as e-contracting structures for consumers customers and for business processes, and software licensing and other issues relating to information assets as distinguishable from “goods” or “services”. She is the author of two treatises, The Law of Electronic Commercial Transactions (2003-2015 LexisNexis), an information rich treatise explaining the legal landscape of commercial law when electronics or electronic settings are used, and also of Data Privacy, Protection, and Security Law (LexisNexis).


Matthew Fitzsimmons is the Head of Cigna’s Privacy & Information Protection Compliance Office and Lead Privacy & Cybersecurity Counsel. At Cigna, Matt is responsible for leading the privacy and information protection compliance team, handling complex privacy and information protection issues and leading the enterprise’s incident response team, leading investigations, breach notification, and incident management activities. Matt also oversees the review and implementation of privacy related legislation, the conduct environmental scans to identify external privacy issues. 

Prior to joining Cigna, Matt was an Assistant Attorney General in Connecticut, heading that Office’s Privacy and Data Security Department. In that role, Matt served as the lead attorney in the AG’s Office on all matters involving data security and privacy, including co-leading the investigation and negotiating the largest ever multistate data breach settlement with a prominent retailer. Matt also served as co-lead counsel in the first-ever state enforcement action for alleged violations of HIPAA. Throughout his time in the AG’s Office, Matt litigated an array of complex matters in state and federal court.

Matt is a frequent guest speaker and panelist at industry and continuing legal education events on the topic of data privacy and security, and has contributed to panel discussions in the United States and Canada. Recently, he was named one of Law360’s “5 Influential Privacy Regulators That You Should Know,” as well as being named to Connecticut Magazine’s 2014 “Forty under 40” and Connecticut Law Tribune’s “New Leaders in the Law.”

Matt also served as Adjunct Professor at the University of Connecticut School of Law, where he taught oral advocacy and brief writing as part of the school’s Moot Court program.


Winston Krone, Esq. is the Managing Director of Kivu, a nationwide technology firm specializing in the forensic response to data breaches and proactive privacy and IT security compliance.   Winston has handled the technical response and remediation on numerous privacy incidents, data breaches, and computer network intrusions in a wide range of sectors including education, healthcare, professional services, and financial institutions.  He has frequently testified as a cyber expert before US regulators, in post-breach litigation, and in state and Federal courts regarding computer forensic issues.  Winston is also an English solicitor and California attorney, experienced in privacy and cyber issues.  He has represented clients at both civil and criminal cases in California state courts, the English High Court, the European Court of Justice, and the European Court of Human Rights.  Winston received his law degree from Oxford University, UK.


Geff is an Associate General Counsel in the Regulatory Affairs group of Microsoft Corporation’s Legal and Corporate Affairs Department in Redmond, Washington. Since rejoining Microsoft in 2007, he has counseled Microsoft businesses on privacy and data protection issues, with a current focus on cross-border data flows, cloud privacy, and mobile privacy.   Geff has been responsible for providing privacy advice for several Microsoft products including Office and Windows. Most recently he has provided privacy and data protection advice to Microsoft’s enterprise cloud services, operating systems, and devices.