Christine Mastromonaco

Associate

San Francisco
T +1.415.659.2654
F +1.415.659.2601

Overview

Christine Mastromonaco builds privacy compliance programs to address the unique needs of each client. She is a trusted advisor on the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) and has represented financial services and fintech clients in state and federal courts in a wide array of commercial and class action matters.

Christine is experienced in drafting and updating organizations’ privacy policies and procedures as the privacy legal landscape continues to evolve. She also helps answer clients’ complex questions related to data mapping, online tracking technologies and vendor risk assessment. Christine’s thoughtful approach to counseling clients is informed by her background as a litigator. Having seen where disputes can arise, she is prepared to help clients anticipate legal risk to mitigate the possibility of litigation. 

Select Experience

  • Drafted U.S. and California privacy policies, cookie policies and internal procedures for responding to CCPA data requests for a parent corporation and its various subsidiaries. Such procedures detailed the protocols for responding to consumer and employer CCPA requests, including verification of consumer identity, designation of a response team and training of key personnel, grounds for denying a consumer request, methods of delivery of consumer data pursuant to a verified request and the necessity of keeping confidential personal information belonging to consumers other than the requesting party.
  • Advised Fortune 500 energy company regarding the applicability of CCPA/CPRA to its subsidiary under the statute’s common branding provision.
  • Counseled international cruise and hospitality company on GDPR and CCPA/CPRA risk with respect to SMS and email marketing campaigns.
More »

Experience

  • Drafted U.S. and California privacy policies, cookie policies and internal procedures for responding to CCPA data requests for a parent corporation and its various subsidiaries. Such procedures detailed the protocols for responding to consumer and employer CCPA requests, including verification of consumer identity, designation of a response team and training of key personnel, grounds for denying a consumer request, methods of delivery of consumer data pursuant to a verified request and the necessity of keeping confidential personal information belonging to consumers other than the requesting party.
  • Advised Fortune 500 energy company regarding the applicability of CCPA/CPRA to its subsidiary under the statute’s common branding provision.
  • Counseled international cruise and hospitality company on GDPR and CCPA/CPRA risk with respect to SMS and email marketing campaigns.

Marketing and AdTech Advice

  • Advised consumer products company on the privacy considerations under various state laws regarding the launch of a "refer-a-friend" marketing campaign wherein a consumer would receive a discount in exchange for providing the client with the name and email address of a friend.
  • Counseled medical device company on the privacy, HIPAA and TCPA considerations in sending SMS appointment reminders and marketing materials related to lapiplasty surgery health services.
  • Advised clients in various sectors regarding the use of cookies and other online tracking technologies, including the development of cookie notices.

Regulatory Compliance

  • Advised asset management firm in its acquisition of an online pharmacy. Conducted due diligence with respect to the target company’s privacy program including internal review of CCPA and HIPAA policies and procedures.
  • Drafted U.S. and California privacy policies and cookie policies for a national food distribution corporation and its various subsidiaries as well as internal procedures for responding to CCPA data requests, which included issues concerning verification of consumer identity, designation of a response team and training of key personnel, grounds for denying a consumer request, methods of delivery of consumer data pursuant to a verified request and the necessity of keeping confidential personal information belonging to consumers other than the requesting party.
  • Developed online privacy policies, online terms of use and HIPAA compliant practices for videoconferencing for mental healthcare client.
  • Represented clients in a variety of sectors including food and beverage, manufacturing, management consulting and telehealth in the negotiation of DPAs.

Data Strategy and Product Counseling

  • Advised cruise ship company in the cross-marketing of its services via text message and email campaigns to customers of its European subsidiary. Provided counsel regarding the implications under the CCPA, GDPR and TCPA with respect to sharing personal information between parent and subsidiary and the disclosure of personal information to marketing vendors.
  • Counseled digital payments company on the wording in their user flow and cookie policy in anticipation of the company adopting a digital tracking technology which enables their app to remember the user's external banking and account information, thereby eliminating the need for the user to enter their third party bank information each time they used the app.

Recognitions and Memberships

Prior Positions

  • Kiavi (LendingHome): Law Clerk (2016)

Admissions

  • U.S. District Court, Central District of California
  • U.S. District Court, Eastern District of California
  • U.S. District Court, Northern District of California
  • U.S. District Court, Southern District of California
  • U.S. Court of Appeals, Ninth Circuit
  • California

Education

  • J.D., University of California, Hastings College of Law, 2017, cum laude; Hastings Business Law Journal, Senior Editor (2016) and Staff Editor (2015 to 2016)
  • B.A., California Polytechnic State University, San Luis Obispo, 2013