Careers

Diversity

With 17 offices, from New York to Los Angeles and Seattle to Orlando, we live and work in communities all over the U.S., collaborating across locations, disciplines and even borders. Our experienced, highly ranked lawyers serve businesses wherever they are and wherever they want to go.

Offices

About Us

Pages

Professionals

Thought leadership: blogs, podcasts, videos, publications, events and news

Insights

Services

Pro Bono

Am Law 100 firm with practices in Business, Digital Assets and Data Management, Intellectual Property, Labor & Employment, Litigation and Tax.

Home | BakerHostetler

Ronald Baumgarten Expects Upcoming Trade Policies to be Similar to Last Republican Administration

Patrick Campbell, Jonathan New Author Law360 Article on Whistleblower Programs

DOJ Antitrust Division Adds to Guidance on the Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations

BakerHostetler Alumni Newsletter – Fall 2024

We work with the key personnel who have responsibility for privacy and security and for technology infrastructure, including chief information and privacy officers, marketing team leaders, compliance officers, finance leaders and in-house legal teams. Our incident response experience and regulatory knowledge mean we are uniquely qualified to examine both internal and privacy governance policies. Our deep understanding of technology positions us to advise clients regarding the best practices for technology transactions, including negotiating agreements regarding cloud services and technology infrastructure as well as data ownership and other key issues that arise when companies do business together.

core/paragraph

core/heading

We advise clients on how to develop and maintain consumer privacy programs. In addition, we help clients assess privacy impacts and employ privacy by design to balance commercial and consumer interests and to craft transparent, accurate and customer-friendly notices regarding data practices.

Our deep experience and relationships with state attorneys general and other regulatory officials allow us to deal efficiently with investigatory inquiries, often resulting in positive dispositions, including the conclusion of investigations without any charges being brought.

California Consumer Privacy Act (CCPA) and other state privacy laws.

core/list-item

General Data Protection Regulation (GDPR).

Attorney General privacy investigations related to data collection and use.

The Children’s Online Privacy Protection Act (COPPA).

Telephone Consumer Protection Act (TCPA) and Controlling the Assault of Non-Solicited Pornography and Marketing Act compliance.

core/list

Our team has a well-grounded understanding of transactions involving the use, licensing, acquisition and commercialization of data and technology. We review, negotiate and draft agreements and agreement provisions regarding:

The PCI Data Security Standard and protected health information.

We handle agreements involving all forms of cloud service (SaaS, IaaS, PaaS), video game development, mobile apps, music distribution, geolocation, payment processing, fraud prevention, data analytics and digital advertising.

In addition, as companies everywhere undergo digital transformation, our team offers guidance on where opportunities and vulnerabilities lie and assists in designing plans to manage, protect and leverage your digital assets, including Big Data, predictive analysis, machine learning, robotics, the Internet of Things (IoT), and voice, text and vision recognition.

We provide comprehensive advice regarding the EU’s General Data Protection Regulation (GDPR) and the new California Consumer Privacy Act (CCPA), including:

Compliance program development and implementation.

Privacy and data security assessments to prepare for the impact of the private right of action arising from security incidents.

Tracking legislative and regulatory developments.

Identifying, engaging and managing IT consultants and solutions.

contentpilot/expand-more

<ul>
<li>Selected as a 2020-2021 “Pacesetter” in Cybersecurity Services by ALM Intelligence Pacesetter Research</li>
<li>BTI Powerhouse for Cybersecurity Litigation (2022)</li>
<li>BTI Cybersecurity Powerhouse (2020)</li>
<li>BTI CyberSavvy Law Firm (2020)</li>
<li>Chambers Global
<ul>
<li>Privacy &amp; Data Security: The Elite (USA) (2022 to 2024)</li>
<li>Privacy &amp; Data Security (USA) (2014 to 2021)</li>
<li>Privacy &amp; Data Security: Healthcare (USA) (2018 to 2024)</li>
<li>Privacy &amp; Data Security: Litigation (USA) (2024)</li>
</ul>
</li>
<li>Chambers Fintech
<ul>
<li>Legal – USA (2018 to 2024)</li>
<li>Legal – Blockchain &amp; Cryptocurrencies (2023, 2024)</li>
<li>2024 Band #1 ranking in Legal – Data Protection &amp; Cyber Security (2023, 2024)</li>
</ul>
</li>
<li>Chambers USA
<ul>
<li>Advertising: NAD Proceedings – Nationwide (2022, 2024)</li>
<li>Advertising: Transactional &amp; Regulatory – Nationwide (2018 to 2024)</li>
<li>Privacy &amp; Data Security: The Elite – Nationwide (2021 to 2024)</li>
<li>Privacy &amp; Data Security: Litigation – Nationwide (2024)</li>
<li>Privacy &amp; Data Security – Nationwide (2013 to 2020)</li>
<li>Privacy &amp; Data Security: Healthcare – Nationwide (2018 to 2024)</li>
</ul>
</li>
<li>Chambers USA Award: “Privacy &amp; Data Security Team of the Year” finalist (2015, 2017)</li>
<li>The Legal 500 United States
<ul>
<li>Media, Technology and Telecoms: Advertising and Marketing: Transactional and Regulatory (2018 to 2024)</li>
<li>Media, Technology and Telecoms: Cyber law (including data privacy and data protection) (2021 to 2024)</li>
<li>Media, Technology and Telecoms: Cyber Law (2016 to 2020)</li>
<li>Media, Technology and Telecoms: Data Privacy and Data Protection (2016 to 2020)</li>
</ul>
</li>
<li>Law360: Privacy &#8220;Practice Group of the Year&#8221; (2013 to 2015, 2018)</li>
<li>Selected for Vault’s Guide to Legal Practice Areas
<ul>
<li>Privacy and Data Security (2017 to 2021)</li>
</ul>
</li>
<li><em>U.S. News – Best Lawyers </em>“Best Law Firms” – National Rankings
<ul>
<li>Advertising Law (2018 to 2024)</li>
<li>Information Technology Law (2013 to 2024)</li>
<li>Technology Law (2012 to 2024)</li>
</ul>
</li>
</ul>


R. Bisi Adeyemo

Gerald J. Ferguson

Fernando A. Bohorquez Jr.

Brian A. Bulson

Robyn M. Feldstein

Theodore J. Kobus III

Jonathan A. Forman

James A. Sherer

Melinda L. McLellan

Theresa M. Weisenberger

Christopher M. Arena

Lisa N. Collins

Craig L. Cupid

Kyle R. Gregory

Nichole L. Sterling

May Tal Gongolevsky

Carolina A. Alonso

Andreas T. Kaltsounis

Janine Anthony Bowen

Taylor A. Bloom

Timothy M. Swan

Orga Cadet

David Sherman

Craig C. Carpenter

Justin T. Yedor

Whitney Q. Schneider-White

Erika Vela

Jennifer L. Mitchell

Sherman G. Helenese

Jacob T. Wall

Antonette E. Igbenoba

Jiwon (Jamie) Kim

Chad A. Rutkowski

Jessica S. Lowery

Diana C. Milton

Kimberly C. Gordy

Delia Reid

Aaron B. Goodman

New York

Partner

Atlanta

Nichole Sterling Speaks at ABA International Law Section Fall Conference

BakerHostetler DADM and Litigation Group Members Present at ANA Masters of Advertising Law Conference

Taylor Bloom Participates in Hybrid CLE Event with SDCBA

Data Counsel

IAPP’s DACH and Luxembourg Joint KnowledgeNet: More Zombie Technologies in Time for Halloween!

Trick-or-Track: Age Signals in New York’s Children’s Privacy Law

Nichole Sterling Presents at Privacy + Security Forum Fall Academy

DSIR Deeper Dive: State Comprehensive Privacy Laws

Colorado and California Get Ahead of Neural Data Regulation

Webinar: The Privacy Strategist: Website Tracking Claims—a Frightening Trend

Janine Anthony Bowen Discusses GSU Search for New Law School Dean

Erika Vela Presents to Analytics Class at The University of Texas at Austin Graduate School

Taylor Bloom Discusses US Privacy Laws at 2024 InfoGov World Conference

Taylor Bloom Presents at California Association of Realtors Legal Forum

Taylor Bloom Presents at 2024 IAB Privacy Compliance Salon

Craig Carpenter, Tamara Baggett Present 2024-25 Risk Landscape at ACC Dallas Event

Andreas Kaltsounis Comments on Dismissal of Some SEC Charges Against SolarWinds

Toni Igbenoba, Kyle Gregory Participate in State Bar of Georgia Webinar

Deeper Dive: FTC in 2024 Continues Aggressive Privacy Path – But Don’t Forget About that Rulemaking

Whitney Schneider-White Takes Part in Panel at Lavender Law Tech-Telecom Institute

Webinar: The Privacy Strategist: Loper Bright, Chevron Deference and Data Regulation

Melinda McLellan Serves as Panelist at Transportation Research Board Conference

Jennifer Mitchell, Justin Yedor Lead Panel on AI Regulation and Advertising Privacy at 2024 ANA Conference

Third CCPA Enforcement Settlement with California Attorney General and Los Angeles City Attorney Announced Against Mobile Game App

James Sherer Participates on Panel at Inform24

Coming Soon: New Podcast Series “Technology from the Top: AI, Data and the Future of Business with Today’s CIOs,” Hosted by Janine Anthony Bowen

Chad Rutkowski Authors Material on Data License Agreements for LexisNexis Practical Guidance

Nichole Sterling Participates in InfoGovANZ Webinar on Data Privacy Risks

Nichole Sterling, Eric Gyasi Lead Discussions at The Sedona Conference Working Group 11 Annual Meeting 2024

James Sherer, Nichole Sterling Quoted in CIO Magazine on EU AI Act

BakerHostetler a Finalist for Chambers USA’s Privacy & Data Security Law Firm of the Year Award

James Sherer Comments on Insurer AI Rules in Law360 Article

Janine Anthony Bowen, Jamie Kim Author Article on the Impact of Generative AI on Technology Contracts

Three BakerHostetler Attorneys and Two Firm-Authored Articles Recognized in 2024 JD Supra Readers’ Choice Awards 

James Sherer Quoted in Bloomberg Article on AI Rules from the U.S. Government

Sterling addresses compliance obligations in light of new EU-US Data Privacy Framework

Kaufman says amended FTC lawsuit against Kochava provides ‘far more compelling narrative’

Organizations need ‘functional definition of AI’ to craft effective internal policy

BakerHostetler Launches 2023 Data Security Incident Response Report

DSIR Report Deeper Dive - 2022

2022 DSIR Report Deeper Dive: CPRA Compliance

BakerHostetler Launches 2022 Data Security Incident Response Report – Resilience and Perseverance

Melinda McLellan, Carolina Alonso, Shea Leitch, Alexandra Royal, Nichole Sterling Discuss Trends in Global Data Protection Law

New Director of HHS Office for Civil Rights Announced: What could Lisa J. Pino’s appointment mean for future HIPAA enforcement?

Effective Oct. 1, 2021: Connecticut Expands Data Breach Notification Statute

Janine Anthony Bowen, Kyle Gregory Speak on IT Contracting

CPRA Rulemaking Begins with an Invitation by the New California Privacy Protection Agency

FTC Issues Statement Warning Health Apps to Notify Consumers About Data Breaches

David A. Carney Recognized as Cybersecurity & Privacy MVP by Law360

SEC Cybersecurity Actions Against Registered Firms for Business Email Compromises Emphasize Importance of MFA

Craig Carpenter a Guest on “Careers in Data Privacy” Podcast

Craig Carpenter Discusses His Career Path on “Careers in Data Privacy” Podcast

Ohio Proposes Comprehensive Privacy Legislation

SEC Scrutinizes Use of Fintech by Broker-Dealers and Investment Advisers

Taylor Bloom to Discuss Evolution of California Privacy Rights

Colorado’s Privacy Act: A Curve Ball on Consent and Targeted Ads

Melinda McLellan, Carolina Alonso, Shea Leitch, Alexandra Royal, Nichole Sterling Join Data Protection Law Panel

The New China Data Security Law and the Impact on Multinational Companies

Nevada Gov. Sisolak Signs Senate Bill (SB) 260 Expanding the State’s Internet Privacy Law

Melinda McLellan Speaks on SCCs and Data Transfers Post-Schrems II

Pairing Real-World™ Problems with Realistic Solutions – a Push for Practical Information Governance

Updated EU Standard Contractual Clauses Are Finally Here

Craig Hoffman Featured in Video Interview Discussing “Data Security Incident Response Report”

BakerHostetler’s DADM Practice Group Expands in Dallas with the Addition of Craig Carpenter

Seventh Annual Data Security Incident Response Report Released – Disruption and Transformation

BakerHostetler 2021 Data Security Incident Response Report – Disruption and Transformation

Jeewon Serrato Speaks on Three Key CCPA Provisions

Jeewon Serrato Joins Webinar on Lessons Learned from CCPA

Jeewon Serrato Discusses California Privacy Rights Act

Highly Anticipated SCOTUS Ruling Upends TCPA Landscape

Private Right of Action May Again Poison Washington Privacy Act

International Data Protection Update – First Quarter 2021

Sara Goldstein, David Sherman Discuss European Privacy Concerns

Virginia Becomes the Second State with a Comprehensive Privacy Law

Eulonda Skyles, Stanton Burke Speak at Tech Law Summit

Melinda McLellan Leads Discussion on GDPR for New York State Bar

New EDPB Draft Guidance Provides Practical Scenarios for Data Breach Notification Analysis Under the GDPR

Kyle Fath, Taylor Bloom Address AdTech Considerations Under CCPA and CPRA

Virginia Poised to Enact the Consumer Data Protection Act, the Nation’s Second Comprehensive Consumer Privacy Law

AdTech Under the CCPA and CPRA

Virginia Likely to Become Second State with Comprehensive Privacy Legislation

California AG Becerra Tweets Endorsement for a Universal Opt-Out Tool

Stanton Burke Speaks on Notice Requirements for CCPA, CPRA

Stanton Burke Speaks on Notice Requirements of California Privacy Laws

Alan Friel a Speaker for Webinar on Vendor Agreements and California Privacy Rights Act

Jeewon Serrato Speaks on Privacy and Employment Law in California

Jeewon Serrato Joins Panel to Discuss CCPA and CPRA

Kyle Fath Speaks on Implications of “CCPA 2.0”

New York Legislature Introduces CCPA Clone with Private Right of Action

Alan Friel Comments on Impact of New California Privacy Law

Kyle Fath Speaks on California Consumer Privacy Laws

European Authorities Release Back-to-Back Drafts Addressing Cross-Border Data Transfers

BakerHosts

CA Privacy Law Reboot – CCPA 2.0

Digital Assets and Data Management

Information Governance

Advertising, Marketing and Digital Media

Compliance

Blockchain Technologies and Digital Assets

Comprehensive State Privacy Laws

Artificial Intelligence (AI)

Healthcare Privacy and Compliance

Digital Risk Advisory and Cybersecurity

Emerging Technology

Privacy and Digital Risk Class Action and Litigation

Digital Transformation and Data Economy

Russia-Ukraine War Resource Center

Industries

Retail

<h5>Privacy Governance</h5>
<ul>
<li>Counseled hundreds of companies on developing, implementing and maintaining privacy programs and complying with applicable data protections laws, including the CCPA.</li>
<li>Representing the interests of multiple clients in the digital advertising sector while working with the Internet Advertising Bureau to help develop a policy framework, multiparty agreement and technical signal program that will allow publishers and advertisers to integrate their CCPA “do not sell” requests with internet-based advertising technologies.</li>
<li>Advising numerous clients regarding compliance with international data transfer restrictions and data localization requirements. Additionally, we developed and implemented GDPR compliance programs for U.S. and international organizations, including applicability analysis, data mapping, data transfer mechanisms, consent mechanisms, “right to be forgotten,” data security assessments, breach response programs, the selection of Data Protection Officers and employee training.</li>
<li>Served as lead privacy counsel to a cutting-edge healthcare funding provider; provided a 50-state analysis of the privacy landscape for the company.</li>
</ul>
<h5>Technology Transactions</h5>
<ul>
<li>Representing an insurance company in its multimillion-dollar multiparty cloud and software services agreements.</li>
<li>Supporting a large healthcare system as lead technology and intellectual property counsel; advising the organization in more than $50 million worth of technology acquisitions.</li>
<li>Acting as lead counsel to a minerals and material solutions provider, evaluating and mitigating the risks of third-party installation of IoT tracking technologies for assets management.</li>
<li>As privacy counsel to a global public relations and earned media software company, led the organization through multiple acquisitions of portfolio companies and conducted privacy diligence for a number of transactions.</li>
<li>Advised a healthcare customer-relationship management company on commercial transactions and the development of a privacy and data strategy, navigating HIPAA compliance and regulations.</li>
</ul>


Privacy Governance and Technology Transactions

Privacy Governance and Technology Transactions

Experience

Privacy Governance

Technology Transactions

Recognitions

Insights and News

Featured Insights