James A. Sherer

He | Him | His


New York
T +1.212.589.4279
F +1.212.589.4201

"James Sherer’s experience covers an impressive range of discovery, data management and privacy issues. Peers consider him a ‘wonderful’ practitioner and appreciate his ability to ‘boil things down’."

— Chambers Global (USA) 2021


James Sherer is a co-leader of the Emerging Technology team of BakerHostetler’s Digital Assets and Data Management group and directs the firm's Artificial Intelligence and Information Governance engagements. His work focuses on litigation; discovery management processes; enterprise risk management; records and information governance; data privacy, security and bank secrecy; artificial intelligence and algorithmic transparency; technology integration issues; and related merger and acquisition diligence. Prior to joining BakerHostetler, James worked as in-house litigator with a Fortune 500 company and previously practiced litigation in New York. He holds an M.B.A., his CIPP/US, CIPP/E, CIPM, FIP, and PLS data privacy professional credentials, the CIP and IGP information governance designations, the UCLA Extension Global Cyber Institute's Cybersecurity Certification, and the CEDS and CMLAW-EPC eDiscovery specialist credentials. James is also a member of The Sedona Conference® Working Groups One, Six, and Eleven; and writes and presents on e-discovery, information governance, privacy, investigation, and merger and acquisition issues.

Select Experience

  • Assist organizations in developing, implementing, and maintaining privacy programs and compliance with the California Consumer Protection Act (CCPA) as well as other state and federal privacy legislation.

  • Assist clients in considerations of and responses to inquiries regarding the General Data Protection Regulation (GDPR), including coordination with local counsel and developing appropriate multinational strategies.

  • Advise organizations in support of international data transfers, including cross-border transfer mechanisms, standard contractual clauses, inter- and intra-company agreements, and binding corporate rules.

More »


  • Assist organizations in developing, implementing, and maintaining privacy programs and compliance with the California Consumer Protection Act (CCPA) as well as other state and federal privacy legislation.

  • Assist clients in considerations of and responses to inquiries regarding the General Data Protection Regulation (GDPR), including coordination with local counsel and developing appropriate multinational strategies.

  • Advise organizations in support of international data transfers, including cross-border transfer mechanisms, standard contractual clauses, inter- and intra-company agreements, and binding corporate rules.

  • Advise clients on Information Governance strategy, Record Retention requirements, and the intersection of Litigation Hold and compliance issues.

  • Assist clients with the development of Artificial Intelligence (AI) compliance programs and policies, data procurement efforts, and implicated privacy and security protocols.

  • Advised the records and information management department of a U.S.-based multinational manufacturing organization on a worldwide pilot program for data management centered on corporate and personal email management, as well as licensing and implementation of outside vendor software. Examined and analyzed implementation issues. Advised on software implementation steps and modifications to the pilot program in accordance with risks identified through data analysis.

  • Advised an organization with tens of thousands of core and franchise operations in nearly 120 countries regarding e-discovery and data privacy corporate policy, and related intercorporate procedures and responsibilities. Drafted and updated an international discovery consideration protocol and provided advice to the organization. Focused on e-discovery preservation and data protection issues; the collection, processing and control of sensitive data; Hague Evidence Convention and Letters Rogatory practices; and Data Protection Authority guidance.

  • Advised a client on proposed integration of Blockchain processes into existing infrastructure and operations associated with origination, fulfillment, settlement, and mortgage servicing. Counseling included considerations of Distributed Ledger Technology (DLT), Smart Contracts, and digital payment issues in support of client Information Governance and records and information management services.

  • Advised a company when an employee working for the organization's operations in India and the U.S. blew the whistle on an alleged fraudulent invoicing and bribery scheme. The whistleblower threatened claims of internal corruption, bribery, Sarbanes-Oxley violations, defamation, tortious interference and breach of contract. Advised on 2011 Indian Privacy Rules; coordinated the preservation and collection of electronic information and other data; interviewed employees; and directed associate, paralegal, in-house resources, outside merits and employment counsel regarding litigation risk analysis and data management issues.

  • Directed a team developing information governance guidance for the records and information management department of a multinational pharmaceutical organization. The organization required review and analysis of international records and its information program to determine compliance with local and international data privacy regulations, records, and e-discovery requirements. Project required region-by-region analysis, as well as analysis for instances of cross-border inconsistencies.

  • Advised the records and information management department of a multinational manufacturing organization concerning domestic and international merger, acquisition, divestiture, and asset purchase and sale activity. Defined and proposed a step-by-step process to evaluate and comply with associated RIM, e-discovery, data privacy and data security requirements. Led directly to development and presentation at 2012 IAPP International Data Protection Congress in Brussels.

  • Assisted Israeli technology company with interviews of personnel involved with accounting inconsistencies related to reserves in books in various foreign locales, drawing on accounting and white collar defense experience. Evaluated privacy issues associated with Israel's Protection of Privacy Law 1981, while coordinating, supervising and directing a team of Israeli attorney reviewers, firm associates and paralegals; also developed the investigation and managed e-discovery work.

  • Represented a multinational chemical company in a legacy remediation information governance project to review freight containers of inherited documents from the purchase of a subsidiary's operations. Directly responsible for the project's proposal, budget and execution. Employed and directed paralegals and outside firm in reviewing and evaluating documents for existing and potential litigation issues, appropriate records and information management practices, and business records.

  • Assisted the U.S. subsidiary of a French chemical company when it was sued for alleged personal injuries as part of a putative class action. Audited the organization's practices, interviewed employees and officers, performed extensive data analysis and review, and directed paralegals and junior attorneys. Argued for restriction on French data involved in U.S. litigation while accounting for 1978 French LIL Act.

  • Advised a U.S. organization with overseas operations in multiple jurisdictions when it was undertaking and asset purchase in the hundreds of millions of dollars of a going concern. Rather than a strict asset purchase, the acquired going concern retained significant domestic and international operations. Advised on the organization's proposed data migration plan as it related to ongoing litigation, e-discovery preservation, data privacy issues, significant data security concerns, and harmonization with the organization's records and information management. Performed interviews, undertook and managed data security assessments, evaluated the impact of the UK's Data Protection Act, coordinated document collection and retention efforts by employees, and proposed risk-benefit analyses regarding strategies to transfer and mask data.

  • Assisted a multinational manufacturing company engaged in insurance coverage litigation. Undertook the internal investigation and evaluation of environmental records associated with certain policy provisions. Developed method and strategy for, and subsequently supervised review of, the on-site paralegal and attorney review team. Reviewed records, identified documents of interest for litigation, and segregated and evaluated documents with inherent value to the organization. The project included domestic data privacy concerns associated with personally identifiable information and masking strategies.

  • Assisted a multinational pharmaceutical organization after instigation of personal injury claims in national and worldwide class action litigation. Managed components of a multimillion-document discovery project, and developed strategies to implement database segregation and hosting procedures.

Recognitions and Memberships


  • Certified Information Privacy Professional – United States (CIPP/US)
  • Chambers Global
    • E-Discovery & Information Governance (USA) (2021) – Band 4; (2019, 2020) – Up & Coming
  • Chambers USA
    • Nationwide: Litigation: E-Discovery (2018, 2019) – Up & Coming; (2020) – Band 4
  • New York Metro Super Lawyers "Rising Star" (2014 to 2017)
  • New York State Bar Association: Empire State Counsel for Pro Bono Work (2012, 2014 to 2016, 2018)
  • District of Columbia Court of Appeals: Capital Pro Bono Honor Roll for Pro Bono Work (2012, 2015, 2017, 2018)


  • American Bar Foundation
    • Fellow
  • Association of Certified E-Discovery Specialists (ACEDS)
    • Certified E-Discovery Specialist (CEDS)
    • ACEDS New York Metro Board Member
  • Association of Records Managers and Administrators (ARMA)
    • Information Governance Professional (IGP)
  • Association for Information and Image Management (AIIM)
    • Certified Information Professional (CIP)
  • Cleveland-Marshall College of Law
    • e-Discovery Professional Certificate (CMLAW-EPC)
  • International Association of Privacy Professionals (IAPP)
    • Certified Information Privacy Professional – United States (CIPP/US)
    • Certified Information Privacy Professional – Europe (CIPP/E)
    • Certified Information Privacy Manager (CIPM)
    • Fellow of Information Privacy (FIP)
    • Privacy Law Specialist (PLS)
  • The Sedona Conference
    • Working Groups 1, 6 and 11
    • Sedona Conference Participant: Search, Achieving Quality, Data Privacy and Security, Information Governance, Artificial Intelligence and Algorithmic Transparency, and Merger & Acquisition Drafting Teams
  • New York State Bar Association (NYSBA)
    • NYSBA eDiscovery Committee Member
  • New York E-Discovery Counsel Delegate
  • UCLA Extension – Global Cyber Institute
    • Cybersecurity Certification



Press Releases


  • Cleveland Manor, Incorporated: Board of Directors (2008 to 2016; 2018 to present)
  • The Stecher & Horowitz Foundation: Board of Directors (2015 to present)

Prior Positions

  • Redgrave LLP: Partner (2010 to 2013)
  • The Dow Chemical Company: Litigation Attorney (2007 to 2010)
  • Dickstein Shapiro L.L.P: Litigation Associate (2005 to 2007)
  • Hughes, Hubbard & Reed L.L.P.: Litigation Associate (2002 to 2005)


  • U.S. Court of Appeals, Federal Circuit
  • U.S. Court of Appeals, Second Circuit
  • U.S. Court of Appeals, District of Columbia Circuit
  • U.S. District Court, Northern District of New York
  • U.S. District Court, Southern District of New York
  • U.S. District Court, Eastern District of New York
  • U.S. District Court, Western District of New York
  • U.S. Supreme Court
  • New York
  • Michigan
  • District of Columbia


  • M.B.A., Finance, Central Michigan University, 2009, Valedictorian, Beta Gamma Sigma
  • J.D., Columbia University School of Law, 2002
  • A.B., English and Psychology, University of Michigan, 1999, class honors, Golden Key Honor Society, Psi Chi


In The Blogs

Previous Next
Data Counsel
Pairing Real-World™ Problems with Realistic Solutions – a Push for Practical Information Governance
By Adam I. Cohen, James A. Sherer
June 18, 2021
For those attorneys and information governance practitioners unfamiliar with recent pedagogic advancements, “real-world problem solving” moves teaching approaches away from the classical model that assumes individuals will operate...
Data Counsel
The Not-So-Hidden FTC Guidance on Organizational Use of Artificial Intelligence (AI), from Data Gathering Through Model Audits
By Stanton P. Burke, James A. Sherer, Nichole L. Sterling
May 24, 2021
Our last AI post on this blog, the New (if Decidedly Not ‘Final’) Frontier of Artificial Intelligence Regulation, touched on both the Federal Trade Commission’s (FTC) April 19, 2021, AI guidance and the European Commission’s proposed AI...
Data Counsel
The New (if Decidedly Not ‘Final') Frontier of Artificial Intelligence Regulation
By Stanton P. Burke, Chad A. Rutkowski, James A. Sherer, Nichole L. Sterling
April 27, 2021
The week of April 19 was an eventful one for practitioners following the evolution of potential artificial intelligence (AI) enforcement both in the United States and abroad, answering some questions regarding which regulators were going...
Data Counsel
Employee Training and Record-Keeping Requirements in the Final CCPA Regulations and a Preview of New Retention Requirements in the CPRA
By James A. Sherer, Nichole L. Sterling
September 15, 2020
The California Consumer Privacy Act (CCPA) does not in itself outline specific employee training or record-keeping requirements that demonstrate business compliance with the law. However, the California attorney general’s final CCPA...
Discovery Advocate
Key COVID-19 Considerations for U.S. Discovery and Information Governance
By Gilbert S. Keteltas, James A. Sherer
May 21, 2020
Many businesses have remote work and bring-your-own-device policies that cover access to company systems and information from personal devices. These policies may also state expectations or requirements for the management and security of...