Sarah has an active pro bono practice that includes assisting federal inmates with post-conviction relief and parole, as well as assisting residents with housing-related eviction matters in housing court.
Sarah received her J.D. from the University of Richmond (summa cum laude, Order of the Coif) in 2018. During law school she served as the Manuscripts Editor for the University of Richmond Law Review and was awarded the J. Westwood Smithers Award and the Phillip Cudlipp Medal. She received her B.A. from the University of Maryland, College Park in 2015.
Prior to joining Orrick, Sarah was an associate at Buckley LLP. Prior to joining Buckley, Ms. Meehan clerked for the Honorable Judge Roderick C. Young (then-Magistrate Judge) in the U.S. District Court for the Eastern District of Virginia.
Whitney-Ann counsels and represents individual and corporate clients through all stages of litigation with a focus on cybersecurity and privacy issues, including data breach class actions. She has extensive experience in state and federal court and before arbitral tribunals. She can be trusted to jump into a case at any stage to help drive strategy and obtain favorable results. In addition to routinely helping clients obtain early victories through successful motions practice, she has served as a key member on multiple trial teams, including obtaining an important defense verdict after a multi-week trial for a high-profile client. She was named a Best Lawyers: Ones to Watch® in America in 2026 for her work in Commercial Litigation, Class Action Defense, and Mass Torts.
Whitney-Ann formerly taught a practical course on civil discovery in federal courts as an adjunct professor at Georgetown University Law Center.
Whitney-Ann was previously a litigation associate at Quinn Emanuel Urquhart & Sullivan, LLP. After law school, she served as the judicial law clerk to the Honorable Judge Ivan D. Davis, United States Magistrate in the Eastern District of Virginia, Alexandria division.
Whitney-Ann maintains an active pro bono practice, focusing on immigration relief for children, families fleeing violence at home, and civil rights and housing issues.
Anna has experience working with global companies on a wide variety of privacy, cybersecurity and data protection matters. She has a particular interest in emerging technologies and their intersection with ethical and social issues associated with her practice.
Anna has contributed a number of articles and thought leadership pieces on current data protection, privacy and information law issues.
Enny provides guidance on matters relating to numerous privacy and cybersecurity laws, including the U.S. state privacy laws in California, Colorado, Connecticut, Utah, Virginia and other states. Her work also includes counseling on compliance with Europe's General Data Protection Regulation (GDPR).
Enny graduated with honors from The University of Washington School of Law. While in law school, Enny served as the Editor-in-Chief of The Washington Journal of Law, Technology and Arts, Co-President of the UW Law and Business Association, Vice President of the UW Black Law Students Association and participated in the UW Law Mediation Clinic.
Carly counsels clients across several sectors, including health technology, financial services, private equity, insurance, and technology on a range of United States (U.S.) federal and state privacy laws, including, but not limited to:
Illinois Biometric Information Privacy Act (BIPA) and other biometric privacy laws
Health Insurance Portability and Accountability Act (HIPAA)
Washington My Health My Data Act and other state health privacy laws
U.S. state privacy laws in California, Colorado, Connecticut, Utah, Virginia and other states
Telephone Consumer Protection Act (TCPA)
Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM)
New York Department of Financial Services Cybersecurity Regulation 500
She also prepares clients for regulatory inquiry and government investigation and provides assessments of privacy and security practices for companies carrying out due diligence in the context of corporate transactions. Carly also maintains an active pro bono practice, which has included helping clients in immigration and criminal justice matters.
Carly has obtained the Certified Information Privacy Professional - United States (CIPP/US) designation from the International Association of Privacy Professionals.
Naomi provides clients guidance on implementing global privacy programs and advises on the U.S. state privacy laws in California, Colorado, Connecticut, Utah, Virginia and other states. She assists clients in breach investigations and cybersecurity incident response, including advising on breach notification, regulatory investigations and managing cybersecurity policies and procedures.
Naomi draws on her experience in fixed income trading technology when advising on cybersecurity and compliance risks within business operations. During law school she externed at the Center for Reproductive Rights focusing on privacy in the context of international human rights.
She has partnered with start-ups and Fortune 500 companies to develop comprehensive privacy and cybersecurity policies and procedures that comply with U.S., EU and UK law and self-regulatory frameworks, including U.S. state privacy laws; the EU and UK General Data Protection Regulation (GDPR); the CAN-SPAM Act; the Telephone Consumer Protection Act (TCPA); the Federal Trade Commission Act (FTC Act); and the Health Insurance Portability and Accountability Act (HIPAA).
Bianca helps clients prepare for and respond to crisis security incidents, including by advising on personal data breach notification obligations, working closely with cyber forensics experts, engaging with law enforcement, and responding to regulatory inquiries.
She also provides clients with practical guidance in complex and multijurisdictional corporate transactions to help navigate attendant privacy and cybersecurity risks.
Please do not include any confidential, secret or otherwise sensitive information concerning any potential or actual legal matter in this e-mail message. Unsolicited e-mails do not create an attorney-client relationship and confidential or secret information included in such e-mails cannot be protected from disclosure. Orrick does not have a duty or a legal obligation to keep confidential any information that you provide to us. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.
By clicking "OK" below, you understand and agree that Orrick will have no duty to keep confidential any information you provide.