Privacy + Security Forum Spring Academy: Hot Topics in State Privacy Laws Compliance and Advertising Challenges in the Healthcare Context

Speaking Engagement | May.10.2023 - May.12.2023

George Washington University Student Center, Washington, DC

Members of Orrick's Cyber, Privacy & Data Innovation team will lead panels on recent developments in U.S. privacy laws and advertising challenges in the healthcare context during the Privacy + Security Forum Spring Academy hosted by the Privacy + Security Academy.

Before the Next Wave: Hot Topics in State Privacy Laws Compliance
Thursday, May 11, 2023: 02:30 PM-03:30 PM EST

As the CPRA’s enforcement and other state laws’ effective dates draw near, this panel will walk through compliance “hot topics”, trends and predictions regarding the U.S. state comprehensive privacy laws that go into effect this year (with more likely to come).

  • Sulina Gabale, Partner, Orrick, Herrington & Sutcliffe
  • Lisa Barksdale, Director of Privacy Compliance, Zillow Group
  • Arlene Mu, Assistant General Counsel & Chief Privacy Officer, Lowe’s Companies
  • Jon Knight, Senior Corporate Counsel, Deltek


Advertising Challenges in the Healthcare Context
Friday, May 12, 2023: 10:10 AM-11:10 AM EST

Are you operating in the healthcare space and worried about recent FTC enforcement actions, OCR guidance, and class action litigation and demand letters arising from the use of online ad trackers, such as the Meta Pixel and Google Analytics? Come join our panel to learn about the recent developments in this space and how to manage the risks their use present.

  • Thora Johnson, Partner, Orrick, Herrington & Sutcliffe
  • Sundeep Kapur, Senior Associate, Orrick, Herrington & Sutcliffe
  • Andrew Shaxted, Managing Director, FTI Consulting


The Inside Job – Cyber Threats from Inside Your Own Organization
Friday, May 12, 2023: 11:30 AM-12:30 PM EST

Insider threats can have a significant impact because they involve actors who know where to locate and leverage sensitive data and how to cover their tracks in the process, even long after they’ve left the organization. In fact, the 2022 Unit 42 Incident Response Threat Report noted that 75% of insider threat cases were caused by disgruntled ex-employees who left with or destroyed company data or accessed company networks after their departure. This session will include tales of corporate espionage, how we track criminal activity through forensic investigations, the potential impact of an economic downturn on cybercriminal activity by insiders, how the usual suspect threat actors can leverage former employees and their credentials to conduct illicit activities, and steps to take now to reduce the risk of this evolving threat.

  • Joseph Santiesteban, Partner, Orrick, Herrington & Sutcliffe
  • Kevin Faulkner, Vice President, Unit 42 by Palo Alto Networks