9:00am – 10:05am Panel: Managing an Effective Privacy Program in a Time of Increasing Regulatory and Legal Risk
Moderator: Avi Gesser, Partner, Debevoise & Plimpton LLP
Avi Gesser is Co-Chair of the Data Strategy & Security Group at Debevoise & Plimpton. His practice focuses on advising major companies on a wide range of cybersecurity, privacy and artificial intelligence matters. He has represented global financial services firms, private equity firms, insurance companies, hedge funds and media organizations in large-scale ransomware attacks, cyber breaches by nation-states, and regulatory investigations relating to the use of artificial intelligence.
Nicole Friedlander, Partner, Sullivan & Cromwell LLP
Nicky Friedlander is a partner in Sullivan & Cromwell’s criminal defense and investigations practice, and co-head of its cybersecurity group. In cybersecurity, Nicky advises global corporations and boards of directors on governance, preparedness, incident response, post-breach investigation and litigation. Nicky has repeatedly been named to Cybersecurity Docket’s “Incident Response 50,” a list of the top cyber lawyers in the country; ranked by Chambers USA in White-Collar Crime and Government Investigations, Privacy and Data Security, and Incident Response; and identified by Lawdragon as one of the “500 Leading Litigators in America” and by Benchmark Litigation as a Litigation Star. Nicky previously served as Chief of the Complex Frauds and Cybercrime Unit for the U.S. Attorney’s Office for the Southern District of New York, where she led many high-profile white-collar crime and cybercrime prosecutions.
James Haldin, Partner, Davis Polk & Wardwell LLP
Jamie is a member of Davis Polk’s White Collar Defense & Investigations and Data Privacy & Cybersecurity practices. He represents companies and boards of directors in complex investigations and high-stakes regulatory and enforcement matters, with a particular focus on novel data privacy issues. Jamie has substantial experience advising on data privacy compliance and governance, privacy incident disclosure and remediation, and privacy-related audits. He regularly represents clients before various state, federal and international authorities, including DOJ, SEC, FTC, CFPB, OCC and the Federal Reserve.
Melissa Harrup, Global Chief Ethics and Compliance Officer, Mondelēz International
Melissa Harrup is the Global Chief Ethics and Compliance Officer at Mondelēz International, Inc. She is an international lawyer with 20+ years of experience spanning emerging and developed markets, transformation/change management roles, and advising in turnaround and crisis environments. She has worked and lived in Australia, Singapore, and the United States. Melissa has held a wide range of regional and global legal leadership roles including Regional Counsel Asia Pacific, Chief Counsel North Asia, Head of Global Intellectual Property, and Chief Counsel North America. Melissa started her legal career as a solicitor with Australia’s leading independent law firm, Corrs Chambers Westgarth. Melissa received a Bachelor of Arts with honors (Phi Beta Kappa) from Grinnell College; a Bachelor of Laws with honors from Monash University; and a Master of Science in Data Science (Artificial Intelligence) from Northwestern University. Melissa is admitted to the Bars of Australia and New York and admitted as House Counsel in Illinois and New Jersey.
Judith (Judy) Titera, Strategic Adviser, RadarFirst; Board Member, MS Traverserse Insurance Group
Judy Titera currently serves as Independent Director on the Mitsui Sumitomo Transverse Insurance board and audit committee as well as the advisory board for private equity held RadarFirst. Ms. Titera retired from United Services Automobile Association (USAA) where she served as the Chief Privacy Officer. In that role she advanced innovative technology while maintaining compliance with state, federal, and international data privacy laws and regulations. Titera earned an Executive MBA from UW-Milwaukee and a Graduate Degree in HealthCare Management from Carroll College. She participates in various professional activities and speaking engagements, including the National Association of Corporate Directors (NACD) and the International Association of Privacy Professionals (IAPP), and is a frequent guest lecturer at Marquette University Law School–Health Law course.
10:25am – 11:05am Presentation and Fireside Chat: What Privacy Interests Matter and Which Should Be Protected by Law?
Moderator: Joseph Facciponti, Executive Director, PCCE
Joseph Facciponti is PCCE's Executive Director and an Adjunct Professor at NYU and Cornell Law School. He is a former cybercrime and complex frauds prosecutor with in-house and private practice experience in internal investigations, data breaches, and regulatory and compliance matters concerning cybersecurity, data privacy, and financial crime. For nine years, he was a prosecutor at the SDNY, where he won an FBI Director’s award for outstanding cyber investigation. Later, Facciponti was Deputy Head of global internal investigations at HSBC. He has also spent over eight years in private practice counseling clients on financial crime, cybersecurity, data privacy, and other issues. Facciponti is currently the Co-Chair of the New York State Bar Association’s Committee on Privacy, Data Security and Information Technology Litigation.
Speaker: Florencia Marotta-Wurgler, Boxer Family Professor of Law, NYU School of Law
Florencia Marotta-Wurgler focuses on contracts, consumer privacy, consumer law, electronic commerce, empirical legal studies, and law and economics. Her research has studied consumer contracts and privacy policies online, such as whether disclosure and information privacy regimes are effective and whether people read fine print. She has participated in FTC hearings and testified before the US Senate. She is a co-reporter of the American Law Institute’s Restatement of the Law of Consumer Contracts, a member of the Scientific Advisory Board of the Max Planck Institute for Research on Collective Goods, and a former member of the board of directors of the American Law and Economics Association. She serves as the Director of the Study Abroad program in Buenos Aires at NYU School of Law, where she is also a fellow at the Engelberg Center and an affiliated faculty member at the Birnbaum Women’s Leadership Network. Professor Marotta-Wurgler received a BA with honors from the University of Pennsylvania and a JD cum laude from the NYU School of Law.
11:15am – 12:20pm Panel: Effectively Addressing Dark Patterns and the Unfair Manipulation of Consumer Choices
Moderator: Joseph Facciponti, Executive Director, PCCE
See above for bio.
Nancy Libin, Partner, Davis Wright Tremaine
Nancy advises clients on compliance with the Federal Trade Commission (FTC) Act and sector-specific federal privacy laws, such as the Gramm-Leach-Bliley Act (GLBA), the Family Educational Rights and Privacy Act (FERPA), the Children's Online Privacy Protection Act (COPPA), the Wiretap Act, the Electronic Communications Privacy Act (ECPA), the Telecommunications Act (and CPNI regulations), and the Video Privacy Protection Act (VPPA), as well as the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)—as amended by the California Privacy Rights Act (CPRA)—and other state privacy laws. A former chief privacy and civil liberties officer of the U.S. Department of Justice, and counsel to then-Senator Joe Biden on the Senate Judiciary Committee, Nancy also brings a three-dimensional understanding of law, policy, and strategy that enables her to help clients effectively participate in legislative activity and government proceedings and understand regulatory trends.
Lisa Kim, Senior Privacy Counsel and Advisor, California Privacy Protection Agency
Lisa Kim is the Senior Privacy Counsel and Advisor at the California Privacy protection Agency. As the Agency’s top privacy protection legal expert, she provides analyses and legal and policy recommendations to the Agency’s Board and Executive Director on privacy and data security issues across all divisions. Lisa led the Agency’s team in drafting new regulations that operationalize the California Privacy Rights Act’s amendments to the California Consumer Privacy Act (CCPA), including regulations that clarify the law’s data minimization principles, prohibition on dark patterns, and requirements for an opt-out preference signal. Prior to joining the Agency, she was a Deputy Attorney General at the California Attorney General’s Office, where she enforced state and federal privacy laws and drafted the regulations first implementing the CCPA. In 2023, Lisa received the first ever “Privacy Lawyer of the Year” award by the Privacy Law Section of the California Lawyer’s Association.
Chris Sprigman, Professor, NYU School of Law
Christopher Jon Sprigman came to NYU School of Law in 2013 from the University of Virginia School of Law. Sprigman teaches intellectual property law, antitrust law, torts, and comparative constitutional law. His research focuses on how legal rules affect innovation and the deployment of new technologies. Sprigman’s widely cited works have had an influence on important aspects of copyright and trademark law, and often belie the conventional wisdom about intellectual property rights. He was an appellate counsel from 1999 to 2001 in the Antitrust Division of the US Department of Justice, where US v. Microsoft was among his cases, and later was elected partner in the Washington, DC, office of King & Spalding before becoming a residential fellow at Stanford Law School’s Center for Internet and Society. Sprigman received his BA in history magna cum laude from the University of Pennsylvania in 1988, and a JD with honors from the University of Chicago Law School in 1993. He subsequently clerked for Judge Stephen Reinhardt of the US Court of Appeals for the Ninth Circuit and Justice Lourens H. W. Ackermann of the Constitutional Court of South Africa. In 2015, the American Law Institute named him Reporter for the Restatement of Copyright.
Felicity Slater, Policy Fellow, Future of Privacy Forum
Felicity Slater (she/her) is a Policy Fellow at FPF, where she researches and analyzes consumer privacy laws, bills, and regulatory activity. Felicity earned her J.D. from Boston University School of Law in 2022. At graduation, she was awarded the Melville M. Bigelow Scholarship Award by the faculty. While in law school, Felicity served on the board of the Journal of Science and Technology Law, as a Gomes Fellow at the BU/MIT Technology Law Clinic, and as a research assistant for Professors Danielle Citron and Stacey Dogan, with whom she co-authored The Long Shadow of Inevitable Disclosure, published George Mason Law Review (30:3). Prior to law school, Felicity earned her M.A. in Philosophy from The City University of New York Graduate Center and her B.A. in Philosophy from Grinnell College.
1:30pm – 2:35pm Panel: Managing an Effective Cybersecurity Program in a Time of Increasing Threats and Disclosure Requirements
Moderator: Douglas Bloom, Managing Director, Co-Head of Cybersecurity and Privacy Law, Morgan Stanley
Doug is a Managing Director and Co-Head of Cybersecurity & Privacy for Morgan Stanley's Legal & Compliance Division. In that role, he is responsible for the Firm's legal response to cybersecurity, fraud, and operational resilience matters—including incident response, regulatory examinations and new legislation affecting the Firm. Doug is also responsible for privacy matters affecting the Firm’s personnel and client base. Prior to joining PwC, Doug was a federal prosecutor in the United States Attorney’s Office for the Southern District of New York. Doug is a 2015 recipient of the Attorney General’s John Marshal Award, the highest attorney honor granted by the Department of Justice, and a 2013 recipient of the Federal Law Enforcement Foundation’s Prosecutor of the Year award. Doug is an Adjunct Professor of Law at Fordham University, where he teaches a course on computer crimes. He received a Bachelor’s degree in Symbolic Systems and a Master’s degree in Linguistics from Stanford University. He received a Juris Doctor, cum laude, from Harvard Law School.
Leonard Bailey, Special Counsel for National Security, Computer Crime & Intellectual Property Section, DOJ
Leonard Bailey is Head of the Cybersecurity Unit and Special Counsel for National Security in the Criminal Division’s Computer Crime and Intellectual Property Section. He has prosecuted computer crime cases and routinely advised on cybersecurity, searching and seizing electronic evidence, and conducting electronic surveillance. He has managed DOJ cyber policy as Senior Counselor to the Assistant Attorney General for the National Security Division and as an Associate Deputy.
Gabrielle Guzman, Counsel - Cybersecurity, Privacy, Data, BNY Mellon
Gabrielle Guzman is VP and Counsel for the Bank of New York Mellon (BNYM) specializing in Cybersecurity, Privacy, and Data Governance. She provides legal support for incident preparation and response, guidance on proposed and final regulations, globally, and she negotiates cybersecurity terms for client and vendor contacts. Gabrielle is also a founding member of the Cyber Counsel Association, a networking group for in-house cybersecurity counsel, consisting of over 100 lawyers from over 50 institutions in the US and internationally. She is a frequent organizer and host for their networking and conference events. Prior to joining BNYM, Gabrielle provided Cybersecurity and Third Party Risk Management legal support as Associate Counsel at American Express and as Third Party Governance Manager at Prudential.
David Hirsch, Chief, Crypto Asset and Cyber Unit, Division of Enforcement, SEC
Dave Hirsch is Chief of the Crypto Assets and Cyber Unit within the SEC Division of Enforcement. Prior to that he served as Counsel to SEC Commissioner Caroline Crenshaw, where he was primarily responsible for matters relating to enforcement along with crypto assets and cybersecurity. He began his career with the SEC as Counsel in the Division of Enforcement, and was a member of the SEC Digital Ledger Technology Working Group and the Dark Web Working Group. Dave is a graduate of the UCLA School of Law and clerked for Judge Edward J. Schwartz in the United States District Court for the Southern District of California. Before joining the SEC, he was a litigator in private practice, and later co-founded and ran a private investigation firm focused on securities fraud investigations. He is a recipient of the SEC Staff Excellence Award, and authored the chapter on Blockchain and Information Security in the Handbook of Blockchain Law.
Erez Liebermann, Partner, Debevoise
Erez Liebermann is a partner and a member of Debevoise’s Data Strategy & Security Group. His practice focuses on advising major businesses on a wide range of complex, high-impact cyber incident response matters and on data related regulatory requirements. With decades of experience in data issues as a litigator, federal prosecutor and senior in-house counsel at a global financial services company, combined with technical training as an aerospace engineer, Mr. Liebermann regularly advises clients on building strategies to reduce their data-related regulatory and reputational risks, and on navigating high-profile investigations following cyber incidents. In 2023, Mr. Liebermann was appointed by the Chief Justice of the New Jersey Supreme Court to service on the Court’s AI Committee, and is Vice Chair of the Association of Law Insurance Counsel’s Data and Technology Section.
2:55pm – 4:00pm Panel: The NYDFS Cybersecurity Rule Amendments and Their Implications for Firms Beyond the Financial Sector Moderator: Judith Germano, Founder, GermanoLaw LLC; Distinguished Fellow, NYU Center for Cybersecurity
Judith H. Germano is an internationally recognized thought leader and advisor on cybersecurity governance and privacy issues. A former federal prosecutor for 11 years and founder of GermanoLaw LLC, Judi counsels public and privately-held organizations on cybersecurity and privacy matters, and represents companies and individuals on issues relating to fraud and other financial crimes, and regulatory-compliance. Judi is a Distinguished Fellow and Professor at NYU’s Center for Cybersecurity (CCS), Senior Fellow at NYU’s Center on Law & Security, and Adjunct Professor at NYU School of Law.
Justin Herring, Partner, Mayer Brown LLP
Justin Herring provides clients with comprehensive representation and counseling on sophisticated cybersecurity matters, including global incident response, enforcement actions and related litigation, cyber monitorships and regulatory compliance. He also advises individuals and entities in the crypto and fintech sectors. Prior to joining Mayer Brown, Justin was Executive Deputy Superintendent of the Cybersecurity Division at the New York State Department of Financial Services (NYDFS). Justin’s leadership, NYDFS’ Cybersecurity Division became a go-to source for guidance on novel and emerging cyber challenges. Prior to NYDFS, Justin served as the inaugural chief of the Cybercrimes Unit at the US Attorney’s Office for the District of New Jersey. He served for nine years as an Assistant United States Attorney in New Jersey and in the District of Maryland and on the New York Governor’s Cybersecurity Advisory Board from 2019 to 2022. Earlier in his career, Justin clerked for Chief Judge Danny J. Boggs of the US Court of Appeals for the Sixth Circuit.
Cheryl James, VP, Chief of Staff to the Chief Legal & Administrative Officer, New York Life Insurance Company
Cheryl James is Vice President and Associate General Counsel at New York Life Insurance Company, where she leads legal teams responsible for employment, mergers and acquisition, intellectual property, technology and strategic sourcing transactions, privacy, cybersecurity, and artificial intelligence. Cheryl is also Chief of Staff to New York Life’s Chief Legal and Administrative Officer. Cheryl clerked for the Honorable George Daniels on the United States District Court for the Southern District of New York. She received a B.A. in Political Science from New York University and a J.D. from Columbia Law School. Cheryl serves as an adjunct professor at Fordham Law School, where she teaches legal writing to first-year law students. She is also on the Advisory Board for the Door, a nonprofit whose mission is to empower young people to reach their potential by providing comprehensive development services in a diverse and caring environment. In 2022, Cheryl was named to the New York Law Journal’s Rising Stars Under Forty list.
Matt Levine, Partner, Elliott Kwok Levine & Jaroslaw LLP (former Executive Deputy Superintendent for Enforcement, NYDFS)
Matthew Levine is a partner at Elliott Kwok Levine & Jaroslaw, LLP and previously served as Executive Deputy Superintendent for Enforcement for the New York State Department of Financial Services. Matt has also served as an Assistant U.S. Attorney in the Department of Justice for nearly a decade, first in the U.S. Attorney’s Office for the District of Columbia, and later in the U.S. Attorney’s Office for the Eastern District of New York. In the Eastern District, Matt served as Acting Chief of the Business & Securities Fraud Section, supervising a group of federal prosecutors conducting major securities fraud, cybercrime, money laundering, health care fraud, tax fraud and other white-collar prosecutions. Matt began his career in the Department of Justice as Deputy Director for Intergovernmental Affairs under Attorney General Janet Reno.
Edward Stroz, Founder, Consilience 360
Edward Stroz founded Stroz Friedberg, an international digital forensics and cyber investigations firm, later sold toAon plc in 2016. Previously, Ed was an FBI Supervisory Special Agent, where he specialized in white collar investigations and then formed their Computer Crime Squad in New York. Trained as an auditor, Ed has extensive experience in investigations of white- collar crime, including financial fraud. He has testified numerous times as an expert witness, and has a special expertise in using behavioral science insights for managing insider risk for institutional clients. He is a Trustee of Fordham University, sits on the Board of Directors of the Citizens Crime Commission of NYC, and the Board of Directors of The Soufan Center. He is also a Senior Fellow of the Program on Corporate Compliance and Enforcement (PCCE) at the NYU School of Law, and co-founder of Consilience 360, LLC which advises boards on cyber risk governance.
4:15pm – 4:50pm Fireside Chat: Adrienne Harris, Superintendent, New York Department of Financial Services
Adrienne A. Harris joined DFS in September 2021. Prior to joining DFS, Superintendent Harris served as Senior Advisor to Deputy Treasury Secretary, Sarah Bloom Raskin before joining the National Economic Council where she managed the financial services portfolio for President Obama. After leaving the White House, Superintendent Harris served as General Counsel and Chief Business Officer at Doma and also served as a Professor and Faculty Co-Director at the University of Michigan’s Gerald R. Ford School of Public Policy’s Center on Finance, Law and Policy. Since taking over at DFS, Superintendent Harris has overhauled the agency and taken decisive actions on a series of defining issues including cybersecurity.
Moderator: Joseph Facciponti, Executive Director, PCCE
See bio above.