Careers

Diversity

With 18 offices, from New York to Los Angeles and Seattle to Orlando, we live and work in communities all over the U.S., collaborating across locations, disciplines and even borders. Our experienced, highly ranked lawyers serve businesses wherever they are and wherever they want to go.

Offices

About Us

Pages

Professionals

Thought leadership: blogs, podcasts, videos, publications, events and news

Insights

Services

Pro Bono

Am Law 100 firm with practices in Business, Digital Assets and Data Management, Intellectual Property, Labor & Employment, Litigation and Tax.

Home | BakerHostetler

John Carney Chairs and Speaks, Jimmy Fokas Speaks at PLI Basics of Accounting for Lawyers 2025

Webinar Series: Transforming Legacy Management Experience

Rebecca Schrote Presents on APEX Depositions at Columbus Bar Association CLE Session

To Help the New Administration Help Your Industry, You Need an Agency Strategy (Real Estate Finance Journal)

We work with the key personnel who have responsibility for privacy and security and for technology infrastructure, including chief information and privacy officers, marketing team leaders, compliance officers, finance leaders and in-house legal teams. Our incident response experience and regulatory knowledge mean we are uniquely qualified to examine both internal and privacy governance policies. Our deep understanding of technology positions us to advise clients regarding the best practices for technology transactions, including negotiating agreements regarding cloud services and technology infrastructure as well as data ownership and other key issues that arise when companies do business together.

core/paragraph

core/heading

We advise clients on how to develop and maintain consumer privacy programs. In addition, we help clients assess privacy impacts and employ privacy by design to balance commercial and consumer interests and to craft transparent, accurate and customer-friendly notices regarding data practices.

Our deep experience and relationships with state attorneys general and other regulatory officials allow us to deal efficiently with investigatory inquiries, often resulting in positive dispositions, including the conclusion of investigations without any charges being brought.

California Consumer Privacy Act (CCPA) and other state privacy laws.

core/list-item

General Data Protection Regulation (GDPR).

Attorney General privacy investigations related to data collection and use.

The Children’s Online Privacy Protection Act (COPPA).

Telephone Consumer Protection Act (TCPA) and Controlling the Assault of Non-Solicited Pornography and Marketing Act compliance.

core/list

Our team has a well-grounded understanding of transactions involving the use, licensing, acquisition and commercialization of data and technology. We review, negotiate and draft agreements and agreement provisions regarding:

The PCI Data Security Standard and protected health information.

We handle agreements involving all forms of cloud service (SaaS, IaaS, PaaS), video game development, mobile apps, music distribution, geolocation, payment processing, fraud prevention, data analytics and digital advertising.

In addition, as companies everywhere undergo digital transformation, our team offers guidance on where opportunities and vulnerabilities lie and assists in designing plans to manage, protect and leverage your digital assets, including Big Data, predictive analysis, machine learning, robotics, the Internet of Things (IoT), and voice, text and vision recognition.

We provide comprehensive advice regarding the EU’s General Data Protection Regulation (GDPR) and the new California Consumer Privacy Act (CCPA), including:

Compliance program development and implementation.

Privacy and data security assessments to prepare for the impact of the private right of action arising from security incidents.

Tracking legislative and regulatory developments.

Identifying, engaging and managing IT consultants and solutions.

contentpilot/expand-more

<ul>
<li>Selected as a 2020-2021 “Pacesetter” in Cybersecurity Services by ALM Intelligence Pacesetter Research</li>
<li>BTI Powerhouse for Cybersecurity Litigation (2022 to 2025)</li>
<li>BTI Cybersecurity Powerhouse and BTI CyberSavvy Law Firm (2020)</li>
<li>Chambers Global
<ul>
<li>Privacy &amp; Data Security: The Elite (USA) (2022 to 2025)</li>
<li>Privacy &amp; Data Security (USA) (2014 to 2021)</li>
<li>Privacy &amp; Data Security: Healthcare (USA) (2018 to 2025)</li>
<li>Privacy &amp; Data Security: Litigation (USA) (2024, 2025)</li>
</ul>
</li>
<li>Chambers Fintech
<ul>
<li>Legal – USA (2018 to 2025)</li>
<li>Legal – Blockchain &amp; Cryptocurrencies (2023 to 2025)</li>
<li>2024 and 2025 Band #1 ranking in Legal – Data Protection &amp; Cyber Security (2023 to 2025)</li>
</ul>
</li>
<li>Chambers USA
<ul>
<li>Advertising: NAD Proceedings – Nationwide (2022, 2024)</li>
<li>Advertising: Transactional &amp; Regulatory – Nationwide (2018 to 2024)</li>
<li>Privacy &amp; Data Security: The Elite – Nationwide (2021 to 2024)</li>
<li>Privacy &amp; Data Security: Litigation – Nationwide (2024)</li>
<li>Privacy &amp; Data Security – Nationwide (2013 to 2020)</li>
<li>Privacy &amp; Data Security: Healthcare – Nationwide (2018 to 2024)</li>
</ul>
</li>
<li>Chambers USA Award: “Privacy &amp; Data Security Team of the Year” finalist (2015, 2017)</li>
<li>The Legal 500 United States
<ul>
<li>Media, Technology and Telecoms: Advertising and Marketing: Transactional and Regulatory (2018 to 2024)</li>
<li>Media, Technology and Telecoms: Cyber law (including data privacy and data protection) (2021 to 2024)</li>
<li>Media, Technology and Telecoms: Cyber Law (2016 to 2020)</li>
<li>Media, Technology and Telecoms: Data Privacy and Data Protection (2016 to 2020)</li>
</ul>
</li>
<li>Law360: Privacy &#8220;Practice Group of the Year&#8221; (2013 to 2015, 2018)</li>
<li>Selected for Vault’s Guide to Legal Practice Areas
<ul>
<li>Privacy and Data Security (2017 to 2025)</li>
</ul>
</li>
<li><em>U.S. News – Best Lawyers </em>“Best Law Firms” – National Rankings
<ul>
<li>Advertising Law (2018 to 2025)</li>
<li>Information Technology Law (2013 to 2025)</li>
<li>Technology Law (2012 to 2025)</li>
</ul>
</li>
</ul>


R. Bisi Adeyemo

Gerald J. Ferguson

Fernando A. Bohorquez Jr.

Brian A. Bulson

Robyn M. Feldstein

Theodore J. Kobus III

Jonathan A. Forman

James A. Sherer

Melinda L. McLellan

Theresa M. Weisenberger

Christopher M. Arena

Lisa N. Collins

Kyle R. Gregory

Nichole L. Sterling

May Tal Gongolevsky

Carolina A. Alonso

Andreas T. Kaltsounis

Janine Anthony Bowen

Taylor A. Bloom

Timothy M. Swan

Orga Cadet

David Sherman

Craig C. Carpenter

Justin T. Yedor

Whitney Q. Schneider-White

Erika Vela

Jennifer L. Mitchell

Sherman G. Helenese

Jacob T. Wall

Antonette E. Igbenoba

Jiwon (Jamie) Kim

Chad A. Rutkowski

Jessica S. Johnson

Diana C. Milton

Kimberly C. Gordy

Delia Reid

Aaron B. Goodman

Danielle A. A. Richardson

Robyn Lin

New York

Partner

Atlanta

Justin Yedor Comments on Recent CPPA Delete Act Enforcement in Lexology

BakerHostetler’s DADM Practice Group Selected for Vault’s “Guide to Legal Practice Areas” for 8th Consecutive Year

Webinar: The Privacy Strategist 2025 – Mind the Gap: Avoiding the Privacy Pitfalls of Overlooked Personal Data

Data Counsel

Heightened Protection of Reproductive Health Information at US State Level on the Rise – Amendments to Virginia’s Consumer Protection Act

More Scrutiny of California Data Brokers

Craig Carpenter Presents on Corporate Counsel Power Hour for State Bar of Texas

Janine Anthony Bowen Presents at Commonfund Forum 2025

Erika Vela Speaks at Victoria Perkins Legal Careers Exploration Program

Webinar: The Privacy Strategist 2025 – Cooking Up Compliance: Navigating the Alphabet Soup of Financial Privacy

Jennifer Mitchell Interviews California Head of Privacy Enforcement

Carolina Alonso Provides Insight on Children’s Privacy Laws in Cybersecurity Law Report

Craig Carpenter Guests on Counsel Brew, Discusses Career Arc – and Coffee

Jennifer Mitchell, Taylor Bloom Serve as Moderators for Third Annual CLA Annual Privacy Summit

Nichole Sterling Speaks on the Regulation of AI at Sedona Conference Working Group 13

Carolina Alonso Comments on Children’s Privacy Laws in Cybersecurity Law Report

Jennifer Mitchell Participates in IAB State Privacy Enforcement Roundtable

Why Have One When Four Will Do? How Oregon’s New Guidance on AI Compliance Bridges the AI Legal Gap

Justin Yedor Comments on Wave of State Privacy Protection Laws Taking Effect in 2025

Webinar: The Privacy Strategist – New Year, New Privacy Problems?

Carolina Alonso Shares Their Journey to the Legal Profession with High School Students

Taylor Bloom Moderates Panel, Comments on Adtech Use, Due Diligence

Year-End Review – Data Privacy Insights to Take into 2025

DSIR Deeper Dive – The Worst Cookie Recipe

Terms of Use: 10 Things You Agree to When Visiting a Website

Bethany Lukitsch, Justin Yedor Provide Advice on Avoiding Web-Tracking Litigation

Taylor Bloom Presents Ad Tech Privacy Year in Review for California Lawyers Association

Kimberly Gordy Contributes Cybersecurity Article to TribalHub Magazine

Justin Yedor Comments on Legal Risks of Not Honoring Opt-Out Signals in Corporate Counsel Article

Nichole Sterling Speaks at ABA International Law Section Fall Conference

BakerHostetler DADM and Litigation Group Members Present at ANA Masters of Advertising Law Conference

Taylor Bloom Participates in Hybrid CLE Event with SDCBA

IAPP’s DACH and Luxembourg Joint KnowledgeNet: More Zombie Technologies in Time for Halloween!

Trick-or-Track: Age Signals in New York’s Children’s Privacy Law

Nichole Sterling Presents at Privacy + Security Forum Fall Academy

DSIR Deeper Dive: State Comprehensive Privacy Laws

Colorado and California Get Ahead of Neural Data Regulation

Webinar: The Privacy Strategist: Website Tracking Claims—a Frightening Trend

Janine Anthony Bowen Discusses GSU Search for New Law School Dean

Erika Vela Presents to Analytics Class at The University of Texas at Austin Graduate School

Taylor Bloom Discusses US Privacy Laws at 2024 InfoGov World Conference

Taylor Bloom Presents at California Association of Realtors Legal Forum

Taylor Bloom Presents at 2024 IAB Privacy Compliance Salon

Craig Carpenter, Tamara Baggett Present 2024-25 Risk Landscape at ACC Dallas Event

Andreas Kaltsounis Comments on Dismissal of Some SEC Charges Against SolarWinds

Toni Igbenoba, Kyle Gregory Participate in State Bar of Georgia Webinar

Deeper Dive: FTC in 2024 Continues Aggressive Privacy Path – But Don’t Forget About that Rulemaking

Whitney Schneider-White Takes Part in Panel at Lavender Law Tech-Telecom Institute

Webinar: The Privacy Strategist: Loper Bright, Chevron Deference and Data Regulation

Melinda McLellan Serves as Panelist at Transportation Research Board Conference

Jennifer Mitchell, Justin Yedor Lead Panel on AI Regulation and Advertising Privacy at 2024 ANA Conference

Third CCPA Enforcement Settlement with California Attorney General and Los Angeles City Attorney Announced Against Mobile Game App

James Sherer Participates on Panel at Inform24

Coming Soon: New Podcast Series “Technology from the Top: AI, Data and the Future of Business with Today’s CIOs,” Hosted by Janine Anthony Bowen

Chad Rutkowski Authors Material on Data License Agreements for LexisNexis Practical Guidance

Nichole Sterling Participates in InfoGovANZ Webinar on Data Privacy Risks

Nichole Sterling, Eric Gyasi Lead Discussions at The Sedona Conference Working Group 11 Annual Meeting 2024

James Sherer, Nichole Sterling Quoted in CIO Magazine on EU AI Act

BakerHostetler a Finalist for Chambers USA’s Privacy & Data Security Law Firm of the Year Award

James Sherer Comments on Insurer AI Rules in Law360 Article

Janine Anthony Bowen, Jamie Kim Author Article on the Impact of Generative AI on Technology Contracts

Three BakerHostetler Attorneys and Two Firm-Authored Articles Recognized in 2024 JD Supra Readers’ Choice Awards 

James Sherer Quoted in Bloomberg Article on AI Rules from the U.S. Government

Sterling addresses compliance obligations in light of new EU-US Data Privacy Framework

Kaufman says amended FTC lawsuit against Kochava provides ‘far more compelling narrative’

Organizations need ‘functional definition of AI’ to craft effective internal policy

BakerHostetler Launches 2023 Data Security Incident Response Report

DSIR Report Deeper Dive - 2022

2022 DSIR Report Deeper Dive: CPRA Compliance

BakerHostetler Launches 2022 Data Security Incident Response Report – Resilience and Perseverance

Melinda McLellan, Carolina Alonso, Shea Leitch, Alexandra Royal, Nichole Sterling Discuss Trends in Global Data Protection Law

New Director of HHS Office for Civil Rights Announced: What could Lisa J. Pino’s appointment mean for future HIPAA enforcement?

Janine Anthony Bowen, Kyle Gregory Speak on IT Contracting

Effective Oct. 1, 2021: Connecticut Expands Data Breach Notification Statute

CPRA Rulemaking Begins with an Invitation by the New California Privacy Protection Agency

FTC Issues Statement Warning Health Apps to Notify Consumers About Data Breaches

David A. Carney Recognized as Cybersecurity & Privacy MVP by Law360

SEC Cybersecurity Actions Against Registered Firms for Business Email Compromises Emphasize Importance of MFA

Craig Carpenter a Guest on “Careers in Data Privacy” Podcast

Craig Carpenter Discusses His Career Path on “Careers in Data Privacy” Podcast

Ohio Proposes Comprehensive Privacy Legislation

SEC Scrutinizes Use of Fintech by Broker-Dealers and Investment Advisers

Taylor Bloom to Discuss Evolution of California Privacy Rights

Colorado’s Privacy Act: A Curve Ball on Consent and Targeted Ads

Melinda McLellan, Carolina Alonso, Shea Leitch, Alexandra Royal, Nichole Sterling Join Data Protection Law Panel

The New China Data Security Law and the Impact on Multinational Companies

Nevada Gov. Sisolak Signs Senate Bill (SB) 260 Expanding the State’s Internet Privacy Law

Melinda McLellan Speaks on SCCs and Data Transfers Post-Schrems II

Pairing Real-World™ Problems with Realistic Solutions – a Push for Practical Information Governance

Updated EU Standard Contractual Clauses Are Finally Here

Craig Hoffman Featured in Video Interview Discussing “Data Security Incident Response Report”

BakerHostetler’s DADM Practice Group Expands in Dallas with the Addition of Craig Carpenter

BakerHosts

CA Privacy Law Reboot – CCPA 2.0

Digital Assets and Data Management

Information Governance

Advertising, Marketing and Digital Media

Compliance

Web3 and Digital Assets

Comprehensive State Privacy Laws

Artificial Intelligence (AI)

Healthcare Privacy and Compliance

Digital Risk Advisory and Cybersecurity

Emerging Technology

Privacy and Digital Risk Class Action and Litigation

Digital Transformation and Data Economy

Russia-Ukraine War Resource Center

Industries

Retail

<h5>Privacy Governance</h5>
<ul>
<li>Counseled hundreds of companies on developing, implementing and maintaining privacy programs and complying with applicable data protections laws, including the CCPA.</li>
<li>Representing the interests of multiple clients in the digital advertising sector while working with the Internet Advertising Bureau to help develop a policy framework, multiparty agreement and technical signal program that will allow publishers and advertisers to integrate their CCPA “do not sell” requests with internet-based advertising technologies.</li>
<li>Advising numerous clients regarding compliance with international data transfer restrictions and data localization requirements. Additionally, we developed and implemented GDPR compliance programs for U.S. and international organizations, including applicability analysis, data mapping, data transfer mechanisms, consent mechanisms, “right to be forgotten,” data security assessments, breach response programs, the selection of Data Protection Officers and employee training.</li>
<li>Served as lead privacy counsel to a cutting-edge healthcare funding provider; provided a 50-state analysis of the privacy landscape for the company.</li>
</ul>
<h5>Technology Transactions</h5>
<ul>
<li>Representing an insurance company in its multimillion-dollar multiparty cloud and software services agreements.</li>
<li>Supporting a large healthcare system as lead technology and intellectual property counsel; advising the organization in more than $50 million worth of technology acquisitions.</li>
<li>Acting as lead counsel to a minerals and material solutions provider, evaluating and mitigating the risks of third-party installation of IoT tracking technologies for assets management.</li>
<li>As privacy counsel to a global public relations and earned media software company, led the organization through multiple acquisitions of portfolio companies and conducted privacy diligence for a number of transactions.</li>
<li>Advised a healthcare customer-relationship management company on commercial transactions and the development of a privacy and data strategy, navigating HIPAA compliance and regulations.</li>
</ul>


Privacy Governance and Technology Transactions

Privacy Governance and Technology Transactions

Experience

Privacy Governance

Technology Transactions

Recognitions

Insights and News

Featured Insights