Lisa J. Sotto

Lisa J. Sotto

Partner

Memberships

Chair, US Department of Homeland Security's Data Privacy and Integrity Advisory Committee, 2012-present; appointed to Committee by Secretaries Nielson, Johnson, Napolitano, Chertoff and Ridge; Chair, Policy Subcommittee, 2010-2012; Committee Vice Chair, 2005-2009; Member, Cybersecurity Subcommittee, 2013-present (requiring Top Secret security clearance)

Co-chair, International Privacy Law Committee, New York State Bar Association, 2007-present

Chair, New York Privacy Officers Forum, 2007-present

Lead Advisor, DataGuidance US Panel of Experts, 2008-present

Member, Law and Ethics Advisory Board, SAI Global, 2005-present

Member, American Law Institute

Fellow, American Bar Foundation

Member, Board of Directors, International Association of Privacy Professionals, 2010-2015

Member, Board of Directors, Identity Theft Resource Center, 2010–2012

Biography

Lisa chairs the firm's top-ranked global privacy and cybersecurity practice and is the managing partner of the firm's New York office.

Lisa has received widespread recognition for her work in the areas of privacy and cybersecurity. Chambers USA 2018 quotes clients who call her a “market leader,” noting that she is “widely considered the best.” Another client reported that “she is a strong leader with fantastic advice. She does great work on advisory boards and her leadership in the industry has really moved it forward.” Clients have called Lisa “the high priestess of privacy” and “the queen of breach.” She was named among The National Law Journal's “100 Most Influential Lawyers,” an honor bestowed on practicing attorneys who are making the biggest impact in the legal world.

A preeminent lawyer and dynamic problem solver, Lisa assists clients in identifying, evaluating and managing risks associated with privacy and data security practices. She advises clients on the California Consumer Privacy Act of 2018, GLB, HIPAA, COPPA, CAN-SPAM, FCRA, VPPA, security breach notification laws, and other U.S. state and federal privacy and data security requirements (including HR rules), and global data protection laws (including those in the EU, Asia and Latin America). She provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness. Through the firm's privacy and security in M&A transactions team, Lisa also guides clients on risks and potential liabilities associated with inadequate privacy and data security practices in high-stakes corporate transactions. She conducts all phases of online and offline privacy assessments and information security policy audits. She also develops corporate records management programs, including policies, records retention schedules and training modules.

Lisa has been rated the “No. 1 privacy professional” in all surveys by Computerworld magazine. She is recognized by Chambers and Partners as a “Star” performer (the highest honor) for privacy and data security—the only privacy lawyer in the United States to receive this distinguished ranking. Lisa also is recognized as a leading lawyer for cyber crime, data protection and privacy by The Legal 500 United States. In addition, Hunton Andrews Kurth's privacy and cybersecurity practice has received the topmost national rankings in privacy and data security both from Chambers and Partners and The Legal 500.

Lisa speaks frequently at conferences, testifies regularly before the US Congress and other legislative and regulatory agencies, is the author of numerous treatises and articles, has been tapped to lead several industry committees and organizations, is sought after by media outlets and industry publications for her professional insights, and appears regularly on national television and radio news programs. She is the editor and lead author of the Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business.