Elizabeth counsels on new and existing products and services, business and marketing partnerships, and integrations with artificial intelligence products. Elizabeth has experience drafting various data and technology documents, including website terms, auto-renewing subscription agreements, vendor services agreements, text message program terms, data processing addenda, and privacy/cybersecurity language in various commercial agreements.
She helps a broad array of clients in building out and refreshing their data privacy compliance programs through data mapping and inventories; preparing internal and external privacy notices; developing internal privacy and cybersecurity policies and procedures (including data retention, classification, deletion, etc.); developing and advising on the intake and processing of consumer rights requests (webforms, consent management platforms, cookie categorization, cookie banners, etc.); the creation of tailored vendor management programs as well as providing training and guidance on performing privacy impact assessments.
Elizabeth regularly advises clients on U.S. state and federal privacy and consumer protection laws, regulations, guidance, and enforcement activities. Her focus areas include state consumer privacy laws; specialty state data laws governing social media companies/content moderation, age verification, health-adjacent data, and children’s data; state wiretapping laws; state UDAP laws; CAN-SPAM; DMCA; TCPA; VPPA; GLBA; COPPA; and section 5 of the FTC Act.
Elizabeth has provided services to clients across various industries, including fintech, financial services, manufacturing, digital media and online publishing, AdTech, e-commerce, restaurant/retail, EdTech, B2B software as a service (SaaS) providers, and non-profits.
Before moving back to private practice, Elizabeth was Assistant Vice President – Privacy Counsel for a global provider of automotive financial services, where she played a key role in developing and maintaining the company's data privacy compliance program. She was responsible for advising stakeholders on data privacy laws and regulations, including GLBA, CalFIPA, PIPEDA, state omnibus privacy laws, state data breach notification laws, and CFPB guidance. She performed privacy impact assessments, facilitated vendor audits, drafted vendor and third-party data sharing agreements, and managed the company’s incident response program.
Elizabeth began her legal career navigating KYC/AML and beneficial ownership compliance requirements in support of M&A transactions for international private equity clients. Today, she leverages this experience to provide buy-side and sell-side corporate due diligence for M&A transactions with respect to privacy and cybersecurity matters, including assessing risk, preparing remediation plans, and drafting transaction documents.