Cyber law (including data privacy and data protection)
Hall of Fame
The lawyers at the very top of the profession, widely known and respected by peers and clients for their longstanding involvement in market-leading work.
Hall of fameDLA Piper LLP (US)
Partner; US Chair and Global Co-Chair, Data Protection, Privacy and Security practice
Hall of fameHunton Andrews Kurth LLP
Lisa chairs Hunton Andrews Kurth's top-ranked global privacy and cybersecurity practice, is the managing partner of the firm’s New York office, and is an ex officio member of the firm's Executive Committee.
Hall of fameSheppard, Mullin, Richter & Hampton LLP
Liisa Thomas, a partner based in Sheppard Mullin's Chicago and London offices, is Leader of the firm's Privacy and Cybersecurity Team and Office Managing Partner of the firm's Chicago office. Liisa's clients rely on her ability to provide clarity in a sea of confusing legal requirements and describe her as "extremely responsive, while providing thoughtful legal analysis combined with real world practical advice." She is the author of two treatises: Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as "a no-nonsense roadmap for in-house and external practitioners alike;" and Thomas on Big Data, praised for being a "comprehensive and detailed analysis of the complex and rapidly changing world of privacy law." Liisa is known as an industry leader in the privacy and data security space and has been recognized by Best Lawyers in America, Leading Lawyers Network, Chambers and The Legal 500, as well as noted by leading publications and organizations for her "broad depth of privacy knowledge." Among other honors, she was named Lawyer of the Year – Privacy and Data Security 2022 by Best Lawyers; to Cybersecurity Docket's "Incident Response 30," honoring 30 incident response professionals critical to managing data breaches, in both 2016 and 2018; recognized as the 2017 "Data Protection Lawyer of the Year - USA" by Global 100; honored as the 2017 "U.S. Data Protection Lawyer of the Year" by Finance Monthly; and the recipient of the "Best in Data Security Law Services" at Corporate LiveWire’s 2017 Global Awards. Liisa, who was born in Finland and previously lived in France, Egypt and Spain, frequently coordinates global efforts in the privacy area for her clients. Clients value her global insights and familiarity with business systems outside of the U.S. With Liisa’s assistance, her clients – which include major consumer brands, advertising agencies and consumer research companies – are able to navigate thorny data breach disclosure issues, use emerging interactive advertising techniques and create compliant security programs, all while effectively managing their legal risks. Clients praise Liisa’s ability to add real value to their businesses, and describe her as "keeping [clients] one step ahead of where [they] need to be." Liisa is an active advocate of women and minorities in the legal industry and was honored for her leadership in the legal field by the Illinois Diversity Council. She is currently an adjunct professor in Northwestern University Law School where she is the recipient of the Edward Avery Harriman Law School Lectureship. She formerly taught privacy courses at several other Chicago-area law schools, including her alma mater, the University of Chicago. Liisa is the Vice-Chair of the Board of Trustees of the Chicago Symphony Orchestra, Chair of the CSO’s Negaunee Music Institute Board and plays violin in the Chicago Bar Association Symphony Orchestra, an orchestra made up of lawyers and judges.
Rising stars
Rising stars with regular involvement in their team's key work, and recognition from peers or clients as being ones to watch.
Linklaters LLP
Eversheds Sutherland
Fenwick & West LLP
Next Generation Partners
Junior partners with significant recognition from clients and peers in the market and key roles on multiple matters.
Reed Smith LLP
Reed Smith LLP
Leading lawyers
The strongest partners in their field, leading on market-leading deals and endorsed by peers and clients alike.
Debevoise & Plimpton LLP
Luke Dembosky co-chairs Debevoise & Plimpton’s global Data Strategy and Security practice. He advises companies on managing cyber risks, responding to cyber incidents and handling related internal investigations and regulatory defense.
Debevoise & Plimpton LLP
Mr. Gesser is Co-Chair of the firm’s Data Strategy & Security Group. His practice focuses on advising major companies on a wide range of cybersecurity, privacy and artificial intelligence matters.
WilmerHale
Co-Chair, Cybersecurity and Privacy Practice Partner in WilmerHale's Washington DC Office
Gibson, Dunn & Crutcher LLP
Alex Southwell is one of the nation’s leading technology-focused litigators and investigations lawyers. He is regularly called upon by numerous prominent global companies to counsel on—as well as handle investigations, enforcement defense, and litigation related to—a wide array of privacy, data breach, theft of trade secrets, computer fraud, and network and data security issues, often for the most novel, challenging, or technical matters. A former federal prosecutor, he advises companies victimized by cyber-crimes and has extensive experience with the Computer Fraud and Abuse Act, the Economic Espionage Act, the Electronic Communications Privacy Act and Stored Communications Act, and related federal and state statutes, as well as with privacy compliance counseling and FTC and AG regulatory enforcement.
McDermott Will & Emery LLP
Edward G. Zacharias is the managing partner of McDermott’s Boston office. Clients across the healthcare industry and beyond turn to him for practical, business-oriented counsel on their most significant privacy and cybersecurity compliance, healthcare regulatory and transactional matters. Ed’s clients include “Big Tech” companies, health information technology and digital health companies, healthcare providers, insurers, electronic health record platforms, pharmacies, drug and device manufacturers, life sciences companies and health services vendors. Ed helps clients assess and develop innovative technologies (including AI/ML-enabled products) to comply with applicable laws while achieving their business objectives. He is a Certified Information Privacy Professional (CIPP/US) and advises clients on a broad range of information privacy and cybersecurity laws, including HIPAA, HITECH Act, 42 CFR Part 2, CCPA/CPRA and other state consumer privacy laws, GDPR, NYDFS Cybersecurity Regulation, and other privacy and cybersecurity regimes. Ed manages complex, high-profile ransomware attacks and other data breaches, guiding clients through all aspects of incident response and remediation. He is one of the nation’s leading lawyers in responding to HIPAA compliance investigations by the US Department of Health and Human Services Office for Civil Rights and state attorneys general. Ed has extensive experience negotiating favorable settlements on behalf of clients when these investigations result in allegations of noncompliance. Ed has partnered with clients from across the technology and healthcare spectrum in their response efforts related to the COVID-19 pandemic, including advising on the use of technologies to facilitate communications among providers and patients, and helping organizations address the related privacy, cybersecurity, telehealth, medical device and other legal considerations.
Kelley Drye & Warren LLP
Venable LLP