Elizabeth McGinn


Washington, D.C.

New York

Beth McGinn focuses her practice on assisting clients in identifying, evaluating and managing the risks associated with cybersecurity, internal privacy and information security practices, as well as those of third-party vendors. She advises clients on the Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), the General Data Protection Regulation (GDPR), the Telephone Consumer Protection Act (TCPA), the Telemarketing Sales Rule (TSR), the Health Insurance Portability and Accountability Act (HIPAA), security breach notification laws and other U.S. state and federal privacy and data security requirements.

In conjunction with this work, she develops policies and procedures, records retention schedules and training materials. A significant part of her practice involves addressing data security breaches, working proactively with clients to prevent such breaches from occurring, and advising clients in responding to regulatory inquiries, investigations and enforcement actions related to privacy, information security and cybersecurity issues. She also assists numerous professional sports teams comply with data privacy concerns, consumer financing laws and payment system issues.

Beth also represents financial institutions, corporations and individuals in a wide range of matters. She advises clients in investigations, examinations and litigation initiated by the Consumer Financial Protection Bureau (CFPB), the New York Department of Financial Services (NYDFS), the Department of Justice (DOJ), the Federal Trade Commission (FTC), state attorneys general and bank regulatory agencies. She has represented financial institutions in class action litigation concerning federal and state fair lending laws, mortgage fraud, unfair and deceptive trade practices statutes, consumer fraud statutes and consumer privacy laws. She has extensive experience counseling clients in response to federal and state subpoenas and handling all aspects of e-discovery.

Over the course of her career, Beth has represented clients in matters involving simultaneous criminal, civil administrative and congressional proceedings. She has defended clients in matters relating to money laundering compliance issues and investigations and litigation by the U.S. Attorney’s Office for the Southern District of New York (SDNY), the Manhattan District Attorney’s Office, the Department of Treasury, the Securities and Exchange Commission (SEC), and various congressional committees, including the U.S. Committee on Homeland Security and Government Affairs Permanent Subcommittee on Investigations, the U.S. House Financial Services Committee and the U.S. House Committee on Oversight and Government Reform.

Beth has published and spoken on a variety of topics, including privacy, cybersecurity, electronic discovery, vendor management and consumer financial services litigation. She authored the chapter on “Oversight of Compliance and Control Responsibilities” for Navigating the Digital Age – The Definitive Cybersecurity Guide for Directors and Officers. She has been recognized for her work in Cyber Law (Data Protection and Privacy) by Legal 500 since 2013, which describes her as “outstanding on privacy and e-discovery issues,” “able to advise both on the regulatory and litigation sides of problems,” an attorney who "exceeds expectations on response and turnaround times,” “has strong industry knowledge in data security and privacy, and is able to walk the fine line between operational efficiency and regulatory compliance' when developing IT policies.” It also described her as “top notch, incredibly responsive, thoughtful, and provides advice that is both practical and efficient.”

Prior to joining Orrick, Beth was a partner at Buckley LLP where she was Co-chair of the firm’s Privacy, Cyber Risk & Data Security practice and E-discovery Committee. Previously she was an associate at Skadden, Arps, Slate, Meagher & Flom. She clerked for Federal Magistrate Judge P. Trevor Sharp of the United States District Court for the Middle District of North Carolina after law school. Beth is a Certified Information Privacy Professional (CIPP/US).

View Beth's webcasts & speaking engagements, news mentions and publications.

"Outstanding on privacy and e-discovery issues. Able to advise both on the regulatory and litigation sides of problems. Top notch, incredibly responsive, thoughtful, and provides advice that is both practical and efficient." - Legal 500

  • Representative work includes:

    • Assisting clients in addressing data security incidents including interactions with federal and state agencies, oversight of forensic investigations, consumer notifications, and remedial steps following incidents
    • Advising clients on proactive cybersecurity readiness, including developing policies and procedures, and counseling clients on data collection and sharing issues
    • Advising clients in responding to regulatory inquiries, investigations, and enforcement actions related to privacy, information security, and cybersecurity issues
    • Advising fintech companies and financial services institutions regarding the application of privacy and security safeguards to new technologies
    • Representing and advising a variety of clients, including banks, student lenders, mortgage servicers, and other financial services companies, during regulatory investigations and enforcement matters by state and federal agencies, including the CFPB, FTC, DOJ, NYDFS, and state attorneys general
    • Represented two major lenders in a suit brought by the DOJ alleging violations of the Servicemembers Civil Relief Act (SCRA); multiple cases were settled collectively, without admission of fault, for a negotiated settlement
    • Negotiated a settlement with the Nevada Attorney General on behalf of a mortgage company accused of violating the Nevada Deceptive Trade Practices Act
    • Represented a major financial institution in a Federal Reserve Board (FRB) investigation alleging unfair and deceptive mortgage origination practices
    • Represented a financial institution in a nationwide borrower class action alleging discrimination on the part of the bank’s mortgage lending practices in violation of the Fair Housing Act (FHA) and the Equal Credit Opportunity Act (ECOA)