"Privacy Law 2.0"

Tuesday, December 10th, 2019

Law Offices of McCarter & English
Worldwide Plaza
825 Eighth Ave., 31st Floor
New York, NY 10019

David Friedman |
David Gritz |

3.0 CLE Credits NY

Event Summary:

Big Data. 2020 marks a major shift in information privacy law in the US. “User data” collection and powerful analytics now encompass an unprecedented scale of economic and social activity. This is challenging and transforming our sensibilities about the digital ecosystem, public policy and the law.

Big Laws.
Following the EU’s lead, the final days of “Privacy Law 1.0” in the US are numbered. Come New Year’s Day, California residents enjoy newly-created privacy rights and affected business activity will be subject to the new era requirements of “Privacy Law 2.0”.

Are you prepared for what comes next?
Organizations must proactively cultivate new opportunities or face impending compliance nightmares and emergent legal and reputational risks.

Big Perspectives. To meet these challenges, this Event presents experienced thought leaders across multiple disciplines – privacy officers, business leaders, and technologists – to provide authoritative and pragmatic guidance, and forward looking insight for effective transition to Privacy Law 2.0.




9:00 a.m. Registration & Networking
9:30 a.m. Opening Remarks
9:40 a.m. Big Data: Digital Ecosystem and Critical Mass

10:25 a.m. Break & Networking
10:40 a.m. Privacy Matters. Policy and Law from 1.0 to 2.0
11:30 a.m. Break & Networking
11:40 a.m. The EU’s General Data Protection Regulation (GDPR)

12:30 p.m. Lunch

1:30 p.m. “California, Happy New Year 2020”; the CCPA

2:20 p.m. Break & Networking
2:30 p.m. Compliance: Practical Guidance for the Management of New Information Law Requirements.

3:10 p.m. Break & Networking
3:20 p.m. Data Governance: Practical Guidance for Data Inventory, Security and Identity Verification

3:50 p.m. Keynote: NJ Assemblyman Andrew Zwicker

This Event has Concluded:

Thanks to all our panelists for providing authoritative and thought-provoking discussion on this topical subject.

Special note of appreciation to Assemblyman Zwicker for the illuminating perspectives of a scientist and legislator.

Thank you attendees - the great turnout is most appreciated. Please stay tuned for future events.


David J. Friedman
Founder, PrivacyTechNY



Andrew Zwicker
NJ Assemblyman 16th Dist. | Physicist
General Assembly | Princeton University

Assemblyman Zwicker is leading the transformation of data privacy law in the state of NJ. He chairs the General Assembly's Science, Innovation and Technology Committee and has introduced disclosure and opt out law (A4902). Assemblyman Zwicker also holds a Ph.D. in physics and heads communications at Princeton University's world renowned plasma physics lab.




Marc Gilman
GC and VP of Compliance
Theta Lake

Former global head at Morgan Stanley and litigator at Schiff Hardin, Marc now advises on technology, privacy, and product strategy for next-gen compliance tech.


Nadia Daley-Blake
Commercial & Privacy Counsel

Skillfully navigating the emerging privacy and cybersecurity legal challenges of the digital economy. Previously with the PWC privacy team and co-chair of IAPP.


Seth Litwack
Privacy Counsel
Interpublic Group (IPG)

Seth handles privacy matters for a top-tier $9B advertising and marketing giant; he maintains multiple well-earned certifications in privacy and technology (CIPP, CIPT, and CIPM).


Yuriy Rusko

An in-demand strategic business leader and technologist, Yuriy is credited with preserving phpBB's status as the world's most popular OSS bulletin board platform.


Howard Israel
Fireeye / Mandiant

Internationally recognized, 37-years InfoSec veteran, author of computer virus papers. Head of breach and loss recovery programs at NSA, Bell Labs, and J&J.


Julia Mehlman
Privacy Counsel

At the nexus of privacy and commercial transactions, Julia is responsible for protecting the privacy of over 75M+ active listeners. She has handled COPPA, TCPA, VPPA, HIPAA, GDPR, and CAN-SPAM.


Pankaj Faujdar
Senior Principal

18-year veteran in Data governance and technology delivery. Leader of the data privacy practice that has worked with HSBC, BNY, Chase, and Capital One to transform technology programs.


Sofiat Abdulrazaaq

Entrepreneur and product and marketing strategist for the new economy. Founder of on-demand platform for fast casual dining and SBA consultant for compliance, digital transformation, and product management.


Renata Lowenbraun
VP, Legal and Privacy

Responsible for IP and complex privacy matters at the leading provider of mobile authentication and ID solutions. Previously served as a commercial litigator in the casino gaming and record industry.


Xinping Zhu
VP, Legal and Compliance
Morgan Stanley

Legal executive with accountabilities for cybersecurity, privacy and data protection at one of the world’s leading investment banks. Previously at Covington & Burling focused on IP and tech law.


Praful Dixit
Dixit Advisors

Information security risk management and compliance executive. Former SVP of compliance risk management at Citibank. Supported Sox, GLBA, PIC, NIST, and ISO compliance.


Jillian Larson
Data & Analytics Associate

A rising star in data and analytics with consulting giant KPMG, Jillian solves complex business challenges and produces industry-beating insights; all this while dismantling gender-gaps in STEM.



Susan Okin Goldsmith
McCarter & English

Susan handles challenging intellectual property matters - both domestic and international - in the areas of trademark, copyright, licensing, and infringement. She also manages the related transactional work in areas of capital financing, joint ventures, and M&A. Susan has earned numerous awards and recognition, including NJ "Super Lawyer" and "high-level strategist" for her trademark achievements.


Morgan Jones
McCarter & English

Morgan Recently managed GDPR Compliance for an Am Law 100 firm. At McCarter, Morgan represents early and growth-stage companies from the early stages of structuring, formation, financing, licensing, and data matters and throughout all the life-cycle stages through exit. He also advises small and mid-cap companies on M&A, joint venture and strategic investment matters.



David Friedman

An in-demand transactional and privacy attorney, David founded the in-house tech counsel organization at Thomson Reuters. He recently managed IT contracting and negotiated mission-critical contracts at NYU Hospitals.


David Gritz

Startup advisor and entrepreneur with a track record of transitioning startups from Seed Stage to Series A. David runs insurance industry events on AI, Data and Analytics, and Ecosystems and Platforms.


Brett Smith

Insurance expert, entrepreneur, and management professional with over 23 years of experience in the insurance and financial services. Building a data-centric startup life insurance carrier.




SESSION 1: Big Data: Digital Ecosystem and Critical Mass
9:40 a.m.
Data collection is now a ubiquitous feature of daily life – mobile apps, financial transactions, social activities and entertainment, the IoT, etc. – have created a new environment. Industry depends upon this “Big Data” for marketing, decision-making and operations. This Session will cover:

  • The acceleration of data collection and the rise of intelligent processing.
    The value-enhancing technologies that are driving the new generation of data-dependent business enterprise.
  • The business models and the economic and political use cases of information.

SESSION 2: Privacy Matters. Policy and Privacy Law from 1.0 to 2.0
10:40 a.m.
While the tech economy is producing unprecedented productivity, efficiency and convenience, it is also testing the limits of acceptability with regard to the propagation and commercialization of our personal information. In this Session, we explore insightful and thought-provoking answers to these questions:

  • How do we define “privacy” and who owns your data?
  • How do we balance tech innovation against personal privacy interests?
  • What are the foundational ethical and legal bases, upon which to craft the appropriate policy and law?

SESSION 3: The EU’s General Data Protection Regulation (GDPR)
11:40 a.m.
The law of the land in the EU member states since May 2018 has been the GDPR – the precursor to the “2.0” laws in the United States. To date, there have been 12 major actions representing almost € 360 million in fines. In this Session:

  • The GDPR Requirements: an authoritative overview of the most comprehensive legal framework.
  • Detailed examination of major features including consent requirements, rights to deletion and rights with respect to profiling.
  • Examination of the major EU enforcement actions

SESSION 4: “California, Happy New Year 2020”; the CCPA
1:30 p.m.
On January 1st, California residents enjoy new rights – and businesses have new obligations to contend with. What started as a grassroots movement for a data privacy referendum quickly evolved into major deliberations between lawmakers, privacy activists, and the tech industry - and eventually new law. This Session will cover:

  • CCPA Requirements: An authoritative overview.
  • Detailed explorations of “Opt-Out”, requests for information, requests for deletion, verifications and the slippery-slope of non-discrimination and incentives.
  • Insights into the newly-introduced (prospective) regulations.

SESSION 5: Compliance Programs: Practical Guidance for Managing the New Information Law Requirements.
2:20 p.m.
Major regulatory change means organizational change. Compliance counsels and technology officers provide guidance on regulatory compliance challenges and opportunities. In this Session:

  • Updated compliance program to reflect organizational priorities and objectives.
  • Privacy Policies and internal organizational controls.
  • Addressing the concerns of leadership and regulators.

SESSION 6: Data Governance: Practical Guidance for Data Inventory, Security and Identity Verification
3:20 p.m.
The key to effective transition to Privacy Law 2.0 is effective data governance: This Session will cover:

  • Data Inventory, Data Mapping and effective “Data Lifecycle” programs.
  • Information Security.
  • Consumer verification and the use of technologies, tools and resources for data governance.

Keynote: NJ State Assemblyman Andrew Zwicker
3:50 p.m.

  • Lawmaker insights into emerging state and federal laws of information privacy.
  • Perspectives on the development of a regulatory framework for consumer data.
  • Status on current NJ laws and information about the NJ state lawmaking process.