Shannon Yavorsky

Partner

San Francisco

London

Shannon Yavorsky is the head of Orrick’s global Cyber, Privacy & Data Innovation group and co-leads the Artificial Intelligence (AI) & Machine Learning team. She is a leading authority on United States (U.S.) and European (EU) privacy, cybersecurity and AI issues. She is uniquely qualified in California, England and Wales and helps global companies navigate the increasingly complex global privacy, cybersecurity and AI regulatory landscape.

She advises public and private companies across several sectors, including life sciences and health technology, financial services, private equity, insurance, social media and technology on a range of EU and U.S. federal and state privacy laws. Shannon’s strategic counseling advice includes, but is not limited to:

  • Advertising and payment card processing self-regulatory frameworks
  • Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM)
  • Electronic Communications Privacy Act (ECPA)
  • EU AI Act
  • EU e-Privacy Directive (EPD)
  • EU General Data Protection Regulation (GDPR)
  • Fair Credit Reporting Act (FCRA)
  • Gramm–Leach–Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • National Institute of Standards and Technology (NIST) AI Risk Management Framework (AIRMF)
  • Telephone Consumer Protection Act (TCPA)
  • U.S. state breach notification laws
  • U.S. state privacy laws in California, Colorado, Connecticut, Utah and Virginia (CCPA, CPRA, CPA, CTDPA, UCPA, VCDPA)

Shannon also helps clients undertake comprehensive privacy, cybersecurity and AI risk assessments, evaluates privacy, security and AI risks in corporate transactions and drafts and negotiates data-related contracts. She advises clients on cross-border data transfers, data breaches and developing global privacy and AI compliance programs.