Shruti Bhutani Arora takes a holistic approach in advising clients on data collection, use and monetization, as she does not hold to the traditional barriers and siloed approach.

Shruti counsels clients on the applicable privacy laws and helps with the drafting and negotiating of complex technology contracts. Her advisory work for clients includes implementation of programs, policies and procedures for the purposes of complying with state and federal laws such as the Gramm- Leach-Bliley Act (GLBA), the California Consumer Privacy Act (the CCPA as amended by the California Privacy Rights Act), the Connecticut Data Privacy Act, the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Texas Data Privacy and Security Act, the New York Cybersecurity Regulations, and the New York City’s Local Law 144 of 2021 that prohibits employers and employment agencies from using an automated employment decision tool (AEDT).

She strives to make things transparent and easy to understand by researching what needs to be done, assimilating it and then providing the information to clients in an accessible manner. Shruti has also assisted clients of various sizes, both nationally and internationally, with commercial and trademark matters.

She is experienced in privacy compliance, complex technology transactions, trademark, copyright and artificial intelligence.

Combining deep legal knowledge, technical acumen, and extensive government-side experience, Aaron helps clients prevent, address, and resolve complex privacy, data security, and consumer protection law problems. Within these areas, Aaron counsels a broad array of clients, from emerging start-ups to global advertising platforms, on compliance, government investigations, and transactions.  Before entering private practice, Aaron was a senior legal advisor to former FTC Commissioner Julie Brill and also held positions at the White House, Department of Commerce, and Department of Justice. 

Brett is Senior Data Protection Counsel for Motorola Solutions Inc. and advises business and product teams on the privacy and security considerations related to AI and surveillance technologies. Before his current role, Brett served as the Lead Cybersecurity & Privacy Counsel at ServiceNow, a global software development company. In this capacity, he provided counsel on regulatory compliance and cybersecurity best practices. Prior to joining ServiceNow, Brett held the position of Global Privacy Officer at Wells Fargo. He serves on the Executive Committee of the California Lawyers Association Privacy Law Section, is certified in Private Corporate Governance and previously served as the Data Privacy & Cybersecurity Executive Advisor for the National Bar Association.

Prior to joining Wells Fargo, Brett served as a U.S. Navy JAG Officer (attorney).  During his Naval career, he held roles as Associate General Counsel, General Counsel and Chief Privacy Counsel for organizations in EMEA and the US.  In addition, he served as Chief Counsel during a carrier strike group deployment where he counseled senior leaders regarding international privacy law, cybersecurity and the Law of Armed Conflict. Brett obtained his Juris Doctorate from the University of California, Los Angeles, and pursued an LL.M. in National Security/International Law from the Georgetown University Law Center. He also holds a Bachelor’s degree from Florida State University, where he held the positions of Student Body President and Chair of the Florida Student Association.

Andrew Folks is an associate in the Data Strategy, Privacy & Security Group at Frankfurt Kurnit. He counsels technology, media, and brand clients on privacy, security, artificial intelligence, advertising, and adtech matters – essentially, any topic involving data. He drafts and negotiates agreements and navigates risks related to emerging technologies and evolving regulatory frameworks. He is a Certified Information Privacy Professional (U.S. and Europe) and Certified Information Privacy Manager, and co-chairs the IAPP KnowledgeNet Los Angeles Chapter.

Chris Ghazarian is the COO and General Counsel at DreamHost, where he leads global strategy, M&A, and operations while navigating complex privacy and cybersecurity challenges across multiple jurisdictions. For more than a decade, he has guided the company through one of the most transformative eras in technology and privacy law, steering high-stakes regulatory battles, untangling multi-million-dollar disputes, and charting a course through evolving international privacy frameworks. Beyond DreamHost, Chris runs a boutique law firm representing clients from early-stage startups to multinational enterprises, and has taken on high-profile legal battles against names like The Weeknd and eHarmony on cutting-edge privacy, data security, and IP matters across the US, Europe, Asia, and the Middle East. For fun, he teaches Cybersecurity Law at Southwestern Law School in Los Angeles, shaping the next generation of legal minds in technology and law. His work has earned recognition as a “Digital Age Fighter,” “GC Powerlist” attorney, “Cyber and Data Privacy Trailblazer,” and “Top 25 General Counsel.”

Daniel M. Goldberg is Chair of the Data Strategy, Privacy & Security Group at Frankfurt Kurnit. He advises on a wide range of privacy, security, and AI matters. His expertise spans from handling high-stakes regulatory enforcement actions to shaping the application of privacy and AI laws. Earlier this year, the California Privacy Lawyers Association named him the “California Privacy Lawyer of the Year.”

Céline Guillou, Special Counsel at Kelley Drye, advises clients on a wide range of data protection matters across industries. She guides companies through complex data governance and compliance, as well as regulatory and privacy-related litigation challenges, working cross-functionally with internal stakeholders to understand data uses and risks. Céline’s in-depth knowledge stems from a unique blend of experience in both government enforcement (CPPA) and as in-house counsel. She has a deep understanding of the privacy-driven technical and operational implications for businesses, and works closely with internal teams to translate complex privacy laws into actionable, operational strategies and anticipate potential risks.

Joshua Heiman, CIPP/US, is AI Counsel at Klinedinst PC and a nationally recognized advisor on privacy, technology law, and emerging risk. He serves on the Board of the California Lawyers Association (CLA), the Executive Committee of the CLA Privacy Law Section, and is a delegate for the California Delegation to the American Bar Association (ABA). Joshua counsels clients on legal exposure stemming from artificial intelligence, cross-border data transfers, and third-party vendor systems. He frequently speaks and writes on AI governance, litigation strategy, and regulatory compliance.

I’m a technology and video games lawyer with a strong international focus and experience across a range of tech topics, from IP licensing to consumer issues to privacy and other digital regulation. I’m currently based in San Francisco, where I act as in-timezone contact for cutting-edge overseas legal advice for North American clients, as I help them expand, grow and transform in Europe and beyond. 

Linsey Krolik is Assistant Clinical Professor at Santa Clara University School of Law, teaching and practicing privacy, startup, and technology law. She is Director of the TechEdge JD, a skills based certificate program for students interested in working in technology law and the Director of the Entrepreneurs’ Law Clinic, where students work with real startups on transactional law projects. As a privacy law expert, she is also co-Director of Santa Clara Law’s Privacy Law Certificate. In addition to her teaching role, Linsey continues to practice law – she currently works in a consultant capacity as Product Legal Counsel at Credo AI, an AI governance tool provider, and previously held senior roles as a product, privacy, and commercial lawyer at global companies including PayPal, BILL, ARM, and Palm. She serves as a board director of a global fintech company and is a frequent speaker on privacy, AI governance, product counseling and practical lawyering.

Dajin is a German qualified lawyer and a member of Taylor Wessing’s Technology, Media & Communications sector group. She is based in the firm’s US representative office in San Francisco. 

Dajin advises international, in particular US based, companies in time zone on all aspects of European digital regulation including, data, privacy and AI regulation. She specializes in advising clients on implementing the requirements of the GDPR and sector-specific data protection laws, as well as supporting clients in navigating key pillars of EU digital regulation, such as the EU Data Act and the EU AI Act. She also assists her clients in regulatory proceedings before German and European regulators.

Kate Lucente is a partner in the DLA Piper Data Protection, Privacy and Security group, with more than 15 years of experience in privacy and cybersecurity law. Drawing on her considerable experience, Kate focuses on providing strategic advice and guidance that is practical, actionable, and tailored to a company’s size, business model, and risk profile.  Kate regularly advises clients on a broad range of cyber security, privacy compliance, and governance matters, including security, vendor risk management, incident response, as well as data strategy and risk management, privacy litigation and enforcement, and compliance with global privacy and data protection requirements.

Nancy Perkins, counsel in the Washington, DC office of Arnold & Porter, advises clients on a wide range of data protection issues at the federal and state levels, focusing in particular on rules governing the use and disclosure of health, geolocation, financial, and other sensitive personal information.  She assists clients in structuring their transactional activities, online service offerings, privacy policies, and security controls to comply with applicable laws and best practices.   Nancy regularly counsels clients on the requirements of HIPAA, the California Consumer Privacy Act (CCPA), other state privacy laws and regulations, the CAN-SPAM Act, the Telephone Consumer Protection Act, the Children’s Online Privacy Protection Act – as well as federal and state data breach notification requirements.  She also has a deep background in international law and advises clients on cross-border transfers, the EU and UK GDPRs, as well as broader issues arising under the rapidly developing framework for global legal protection of personal information.  A graduate of Harvard Law School, Harvard’s Kennedy School of Government, and Harvard College, Nancy is a member of the American Law Institute and was an Adviser on the Institute’s project “Principles of the Law:  Data Privacy.”  She is currently serving as the American Bar Association’s representative to the Uniform Law Commission’s study on state government uses of AI and has been ranked as one of America’s Leading Lawyers for Privacy & Data Security by Chambers USA every year since 2009.  

Stacey Schesser is the Supervising Deputy Attorney General for the Privacy Unit in the Consumer Protection Section of the Office of the California Attorney General.  Her recent matters include People v. Google, People v. Blackbaud, in addition to leading the team that enforces the California Consumer Privacy Act (CCPA). She began her career at the Attorney General’s Office in 2007 in its Criminal Division and has worked in the Privacy Unit since its inception in 2012.  In 2024, Stacey was named “California Privacy Lawyer of the Year” and in 2019, she was recognized as one of the Recorder’s “Women Leader in Tech Law,” the only public sector recipient of this award.  Stacey received her J.D. at UC Berkeley’s School of Law, where she wrote on privacy law issues for the California Law Review, and received her B.A. at Douglass College, Rutgers University.

David advises clients on existing and emerging state, federal, and international privacy, AI, and information laws and associated regulations. He works with clients throughout their life cycle, helping them understand and comply with rapidly evolving requirements, leading comprehensive responses to cybersecurity incidents, and playing a key role in transactions. 

Cody Venzke is a Senior Policy Counsel in the ACLU’s National Political Advocacy Department, working on issues in surveillance, privacy, and technology. Cody focuses on comprehensive consumer privacy legislation, safe and nondiscriminatory AI, children’s privacy, and civic uses of data. He is an author of a treatise published by LexisNexis on education data and student privacy.

Prior to joining the ACLU, Cody worked as a Senior Counsel at the Center for Democracy & Technology, where he worked on student privacy and civic technology. He also served as an Attorney Advisor and Honors Attorney at the Federal Communications Commission and clerked for federal judges on the Third Circuit and the Eastern District of Pennsylvania. Cody previously worked as a litigator with an international law firm, where he served clients in emerging technologies such as clean energy, medicine, and media. In his pro bono work, Cody has represented tenants in eviction actions and assisted applicants under the U visa program. Prior to starting his law career, Cody taught math at a large public high school in Houston, Texas through Teach For America.

Cody graduated from Stanford Law School and St. Olaf College.

Jennie Wang VonCannon is a leading privacy and cybersecurity attorney with over two decades of experience advising organizations on technology risk, regulatory compliance, and incident response. As former Deputy Chief of the Cyber and Intellectual Property Crimes Section in the National Security Division of the U.S. Attorney’s Office for the Central District of California, Jennie directed complex cyber investigations and prosecutions, developing deep expertise in ransomware, data breaches, and emerging threats. 

Now a partner in the Los Angeles office of Crowell & Moring LLP, Jennie guides clients through crisis management, regulatory inquiries, and litigation arising from cybersecurity incidents, including ransomware attacks and AI-related risks. She is a Certified Information Privacy Professional and holds the Artificial Intelligence Governance Professional (AIGP) certification, equipping her to address the intersection of privacy, cybersecurity, and AI. 

Jennie is a founding member and former Chair of the Los Angeles County Bar Association Privacy and Cybersecurity Section, and President-Elect of the Women Lawyers Association of Los Angeles. A frequent speaker and educator, she is recognized for her ability to translate complex technical and legal concepts into practical strategies for legal professionals. At the CLA Privacy + AI Lab conference, Jennie will facilitate the workshop “Beyond the Breach: Ransomware Tabletop for the AI Era,” helping participants build skills to navigate the evolving challenges of ransomware in an AI-driven landscape.

Mark is the US Managing Partner responsible for overseeing the operations of Fieldfisher in the United States. He is an English and a Registered Foreign Legal Consultant with the European law firm Fieldfisher, based full-time in Silicon Valley.

Bringing a UK/European perspective, Mark specializes in international technology and data law, with a particular focus on GDPR and digital regulation. He is a leading expert in contract and regulatory matters, advising on EU-based technology transactions, especially those involving disruptive technologies. His expertise spans the convergence of cloud, digital, and online technologies, leveraging intellectual property and data.

In addition to his data-centric practice, Mark has been deeply involved in AI and machine learning projects for years. He provides strategic legal guidance on AI governance, ethical AI deployment, and compliance with emerging AI regulations, ensuring that innovative technologies align with legal standards and best practices.

Mark holds the CIPP(E), AIGP and FIP and is a member of the IAPP AIGP and CIPP/e training faculty.

Chiara Imelda Wirz, LL.M., CIPP/US, CIPP/E is Corporate Counsel and AI Ambassador at eBay Inc. As AI Ambassador for the Legal team at eBay, she drives strategic AI initiatives, shaping the future of corporate governance through cutting-edge AI applications. She leads the corporate governance program for eBay’s domestic and international subsidiaries and advises business partners on U.S. and international compliance laws. She also serves as Board Liaison for eBay Inc. ‘s public company Board. In previous roles at eBay, Chiara built and matured a company-wide privacy program for an eBay subsidiary as a de-facto CPO, successfully implementing global and U.S. state privacy laws. Leveraging her international expertise from private practice in Switzerland, where she advised global clients on employment and data protection laws, including GDPR, Chiara successfully transitioned to in-house counsel in the San Francisco Bay Area. Chiara is IAPP Certified Information Privacy Professional (CIPP/US, CIPP/E) and Co-Chair of the San Francisco Bay Area chapter of Women in Security and Privacy (WISP). Contact Chi