Shannon Yavorsky


San Francisco


Shannon Yavorsky is the head of Orrick’s global Cyber, Privacy & Data Innovation group and a leading authority on United States (U.S.) and European (EU) privacy, cybersecurity and artificial intelligence (AI) issues. She is uniquely qualified in California, England and Wales and helps global companies navigate the increasingly complex global privacy, cybersecurity and artificial intelligence regulatory landscape.

She advises public and private companies across several sectors, including life sciences and health technology, financial services, private equity, insurance, social media and technology on a range of EU and U.S. federal and state privacy laws. Shannon’s strategic counseling advice includes, but is not limited to:

  • Advertising and payment card processing self-regulatory frameworks
  • Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM)
  • Electronic Communications Privacy Act (ECPA)
  • EU Artificial Intelligence Act
  • EU e-Privacy Directive
  • EU General Data Protection Regulation (GDPR)
  • Fair Credit Reporting Act (FCRA)
  • Gramm–Leach–Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • National Institute of Standards and Technology (NIST) Artificial Intelligence Risk Management Framework
  • Telephone Consumer Protection Act (TCPA)
  • U.S. state breach notification laws
  • U.S. state privacy laws in California, Colorado, Connecticut, Utah and Virginia (CCPA, CPRA, CPA, CTDPA, UCPA, VCDPA)

Shannon also helps clients undertake comprehensive privacy, cybersecurity and artificial intelligence risk assessments, evaluates privacy, security and artificial intelligence risks in corporate transactions and drafts and negotiates data-related contracts. She advises clients on cross-border data transfers, data breaches and developing global privacy and artificial intelligence compliance programs.