James A. Sherer

Assist organizations in developing, implementing, and maintaining privacy programs and compliance with the California Consumer Protection Act (CCPA) and the California Privacy Rights Act (CPRA), as well as other state and federal privacy legislation.

Assist clients in considerations of and responses to inquiries regarding the General Data Protection Regulation (GDPR), including coordination with local counsel and developing appropriate multinational strategies.

Advise organizations in support of international data transfers, including cross-border transfer mechanisms, standard contractual clauses, inter- and intra-company agreements, and binding corporate rules.

Advise clients on Information Governance strategy, Record Retention requirements, and the intersection of Litigation Hold and compliance issues.

Assist clients with the development of Artificial Intelligence (AI) compliance programs and policies, data procurement efforts, and implicated privacy and security protocols.

Advised the records and information management department of a U.S.-based multinational manufacturing organization on a worldwide pilot program for data management centered on corporate and personal email management, as well as licensing and implementation of outside vendor software. Examined and analyzed implementation issues. Advised on software implementation steps and modifications to the pilot program in accordance with risks identified through data analysis.

Advised an organization with tens of thousands of core and franchise operations in nearly 120 countries regarding e-discovery and data privacy corporate policy, and related intercorporate procedures and responsibilities. Drafted and updated an international discovery consideration protocol and provided advice to the organization. Focused on e-discovery preservation and data protection issues; the collection, processing and control of sensitive data; Hague Evidence Convention and Letters Rogatory practices; and Data Protection Authority guidance.

Advised a client on proposed integration of Blockchain processes into existing infrastructure and operations associated with origination, fulfillment, settlement, and mortgage servicing. Counseling included considerations of Distributed Ledger Technology (DLT), Smart Contracts, and digital payment issues in support of client Information Governance and records and information management services.

Advised a company when an employee working for the organization's operations in India and the U.S. blew the whistle on an alleged fraudulent invoicing and bribery scheme. The whistleblower threatened claims of internal corruption, bribery, Sarbanes-Oxley violations, defamation, tortious interference and breach of contract. Advised on 2011 Indian Privacy Rules; coordinated the preservation and collection of electronic information and other data; interviewed employees; and directed associate, paralegal, in-house resources, outside merits and employment counsel regarding litigation risk analysis and data management issues.

Directed a team developing information governance guidance for the records and information management department of a multinational pharmaceutical organization. The organization required review and analysis of international records and its information program to determine compliance with local and international data privacy regulations, records, and e-discovery requirements. Project required region-by-region analysis, as well as analysis for instances of cross-border inconsistencies.

Advised the records and information management department of a multinational manufacturing organization concerning domestic and international merger, acquisition, divestiture, and asset purchase and sale activity. Defined and proposed a step-by-step process to evaluate and comply with associated RIM, e-discovery, data privacy and data security requirements. Led directly to development and presentation at 2012 IAPP International Data Protection Congress in Brussels.

Assisted Israeli technology company with interviews of personnel involved with accounting inconsistencies related to reserves in books in various foreign locales, drawing on accounting and white-collar defense experience. Evaluated privacy issues associated with Israel's Protection of Privacy Law 1981, while coordinating, supervising and directing a team of Israeli attorney reviewers, firm associates and paralegals; also developed the investigation and managed e-discovery work.

Represented a multinational chemical company in a legacy remediation information governance project to review freight containers of inherited documents from the purchase of a subsidiary's operations. Directly responsible for the project's proposal, budget and execution. Employed and directed paralegals and outside firm in reviewing and evaluating documents for existing and potential litigation issues, appropriate records and information management practices, and business records.

Assisted the U.S. subsidiary of a French chemical company when it was sued for alleged personal injuries as part of a putative class action. Audited the organization's practices, interviewed employees and officers, performed extensive data analysis and review, and directed paralegals and junior attorneys. Argued for restriction on French data involved in U.S. litigation while accounting for 1978 French LIL Act.

Advised a U.S. organization with overseas operations in multiple jurisdictions when it was undertaking and asset purchase in the hundreds of millions of dollars of a going concern. Rather than a strict asset purchase, the acquired going concern retained significant domestic and international operations. Advised on the organization's proposed data migration plan as it related to ongoing litigation, e-discovery preservation, data privacy issues, significant data security concerns, and harmonization with the organization's records and information management. Performed interviews, undertook and managed data security assessments, evaluated the impact of the UK's Data Protection Act, coordinated document collection and retention efforts by employees, and proposed risk-benefit analyses regarding strategies to transfer and mask data.

Assisted a multinational manufacturing company engaged in insurance coverage litigation. Undertook the internal investigation and evaluation of environmental records associated with certain policy provisions. Developed method and strategy for, and subsequently supervised review of, the on-site paralegal and attorney review team. Reviewed records, identified documents of interest for litigation, and segregated and evaluated documents with inherent value to the organization. The project included domestic data privacy concerns associated with personally identifiable information and masking strategies.

Assisted a multinational pharmaceutical organization after instigation of personal injury claims in national and worldwide class action litigation. Managed components of a multimillion-document discovery project, and developed strategies to implement database segregation and hosting procedures.

• Fellow

• Board of Directors (2018 to present)
• Certified E-Discovery Specialist (CEDS)

• Information Governance Professional (IGP)

• Certified Information Professional (CIP)

• e-Discovery Professional Certificate (CMLAW-EPC)

• Member - P2863 Organizational Governance of Artificial Intelligence Working Group

• Certified Information Privacy Professional – United States (CIPP/US)
• Certified Information Privacy Professional – Europe (CIPP/E)
• Certified Information Privacy Manager (CIPM)
• Fellow of Information Privacy (FIP)
• Privacy Law Specialist (PLS)

• Working Groups 1, 6 and 11
• Sedona Conference Participant: Search, Achieving Quality, Data Privacy and Security, Information Governance, Artificial Intelligence and Algorithmic Transparency, and Merger & Acquisition Drafting Teams

• NYSBA eDiscovery Committee Member

• Cybersecurity Certification