BakerHostetler
Alumni Login
| Subscribe | Print
Open search/close search button Open menu/close menu button
Services
Professionals
About Us
Offices
News/Resources
Diversity
Pro Bono
Careers
Alumni

Nichole L. Sterling

She | Her | Hers

Associate

New York
T +1.212.589.4282
F +1.212.589.4201
nsterling@bakerlaw.com
Download Vcard LinkedIn

Overview

Nichole Sterling focuses her practice on privacy and data protection, information governance, and emerging technology. A certified privacy professional (CIPP/E and CIPP/US), Nichole regularly advises on a variety of legal questions related to information and data usage. She assists clients with practical solutions to a wide range of domestic and cross-border regulatory and compliance matters related to records and information governance, technology, and negotiating the everchanging privacy and data protection landscape. Nichole also has significant experience handling all aspects of discovery in complex litigation and regulatory investigations, and frequently advises on electronic discovery issues, particularly as they intersect with privacy concerns. In addition to holding a foreign language doctorate, Nichole spent several years living and working in Europe, including a clerkship at the Court of Justice of the European Union, and is well-positioned to assist clients with cross-border data protection needs.

Select Experience

  • Advises on the requirements of the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other privacy and data protection laws, and assists with the development, implementation, assessment and maintenance of compliance programs.
  • Counsels clients on information governance practices, including developing and implementing records retention schedules, maintenance and destruction policies, legal hold policies, and related procedures and materials.
  • Advises on international discovery and data protection issues, including the use of international data in U.S. litigation and regulatory investigations and international data breach notification requirements.
More »

Experience

  • Advises on the requirements of the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other privacy and data protection laws, and assists with the development, implementation, assessment and maintenance of compliance programs.
  • Counsels clients on information governance practices, including developing and implementing records retention schedules, maintenance and destruction policies, legal hold policies, and related procedures and materials.
  • Advises on international discovery and data protection issues, including the use of international data in U.S. litigation and regulatory investigations and international data breach notification requirements.
  • Counsels personal data importers and exporters on compliance with international data transfer restrictions and data localization requirements, including the utilization of cross-border data transfer mechanisms. Assists clients with assessing and updating data transfer mechanisms after the invalidation of the EU-U.S. Privacy Shield Framework in Schrems II.
  • Drafts and negotiates data protection/data processing agreements regarding the handling of personal data and multi-party contracts in complex technology transactions, including associated artificial intelligence (AI) development and operation.
  • Provides guidance on the creation, development, and implementation of global privacy and security policies, standards, procedures and guidelines.
  • Works directly with in-house counsel, internal stakeholders, and third-party technologists to preserve evidence following cybersecurity incidents and manage discovery in subsequent class actions and regulatory investigations.
  • Researched and wrote memoranda and a technical annex describing the scope, impact, and legal implications of the EU’s Data Retention Directive as judicial background for the Court of Justice of the European Union’s decision in Digital Rights Ireland.
  • Member of the BakerHostetler team serving as court-appointed counsel to the Securities Investor Protection Act Trustee for the liquidation of Bernard L. Madoff Investment Securities LLC, an unprecedented recovery effort involving hundreds of actions.
  • Assists with developing and carrying out a coordinated discovery strategy, focusing on privilege issues, for a healthcare company involved in litigation that includes lawsuits in nearly every U.S. state, a federal multi-district litigation, a multi-state attorneys general investigation, and numerous other state and federal inquiries.
  • Supported discovery efforts in litigation and regulatory investigations in connection with the representation of one of the world’s leading credit rating agencies in all matters arising out of its rating of structured finance securities, including securities backed by subprime mortgages.

Recognitions and Memberships

Recognitions

  • Association of Certified E-Discovery Specialists (CEDS): Certified E-Discovery Specialist

  • International Association of Privacy Professionals (IAPP)

    • Certified Information Privacy Professional – Europe (CIPP/E)
    • Certified Information Privacy Professional – United States (CIPP/US)

Memberships

  • American Bar Association
    • Section of International Law
  • New York City Bar Association
  • New York State Bar Association
  • The Sedona Conference Working Group on Electronic Document Retention
    • Working Groups 1, 6, and 11

    • Sedona Conference Participant: Cooperation and Transparency, Cross-Border Privilege

News

News

Press Releases

Publications

Articles

Blog Posts

Pro Bono

  • Counseled global non-profits on privacy and data protection issues regarding social media, youth engagement, and GDPR compliance; updated information governance programs.
  • Revised and updated a nonprofit’s guide to state and federal employment rights for victims of domestic violence, sexual assault, or stalking.
  • Represented LGBT individuals seeking asylum in the United States; drafted and filed application materials and prepared materials to support the asylum application prior to the asylum interview.

Services

Emerging Issues

Prior Positions

  • European Court of Justice, Luxembourg: Dean Acheson Legal Stagiaire, Judge Thomas Von Danwitz
  • Law Clerk for Senate Judiciary Committee, Subcommittee on Privacy, Technology and the Law

Admissions

  • U.S. District Court, Southern District of New York
  • U.S. District Court, Eastern District of New York
  • New York

Education

  • J.D., University of Michigan Law School, 2012; Michigan Telecommunications and Technology Law Review, Executive Production Editor; International Transactions Clinic, Student Attorney (2010 to 2012)
  • Ph.D., Scandinavian Studies, University of California, Berkeley, 2008
  • B.A., Gustavus Adolphus College, 1997, magna cum laude; Phi Beta Kappa

Languages

  • Swedish

Blog

In The Blogs

Previous Next
Data Counsel
International Data Protection Update – First Quarter 2021
By Andreas T. Kaltsounis, Melinda L. McLellan, Nichole L. Sterling
March 29, 2021
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months. Europe, the Middle East and Africa Cookies and Tracking...
Read More ->
Data Counsel
Privacy and Product Counseling: 2020 in Review
By Carolina A. Alonso, Orga Cadet, Gerald J. Ferguson, Barbara D. Linney, Melinda L. McLellan, Veronica Reynolds, Nichole L. Sterling, Patrick R. Waldrop
December 17, 2020
Advising our clients on compliance with laws and regulations is, hands down, the most important aspect of our role as attorneys. In addition to seeking counsel on their obligations under laws and regulations, however – motivated by...
Read More ->
Data Counsel
European Authorities Release Back-to-Back Drafts Addressing Cross-Border Data Transfers
By Melinda L. McLellan, Nichole L. Sterling
November 19, 2020
Last week, both the European Data Protection Board (EDPB) and the European Commission released highly anticipated draft documents offering guidance to organizations that engage in cross-border data transfers involving EU personal data. The...
Read More ->
Data Counsel
Employee Training and Record-Keeping Requirements in the Final CCPA Regulations and a Preview of New Retention Requirements in the CPRA
By James A. Sherer, Nichole L. Sterling
September 15, 2020
The California Consumer Privacy Act (CCPA) does not in itself outline specific employee training or record-keeping requirements that demonstrate business compliance with the law. However, the California attorney general’s final CCPA...
Read More ->
Data Counsel
5 Key Things to Know about the Landmark Schrems II Decision
By Andreas T. Kaltsounis, Melinda L. McLellan, Jeewon K. Serrato, Nichole L. Sterling
July 16, 2020
Quick Links CJEU Press Release CJEU Decision Press Releases from the Parties Irish Data Protection Commission Max Schrems U.S. Department of Commerce Electronic Privacy Information Center (EPIC) BSA The Software Alliance DIGITALEUROPE 1...
Read More ->

Services

Find Professionals

Offices

About Us

Careers

Firm Diversity

LinkedIn Twitter Facebook Instagram Youtube RSS
Subscribe »
© 2021 Baker & Hostetler LLP