Stanton P. Burke

Associate

San Francisco
T +1.415.659.2624
F +1.415.659.2601

Overview

Stanton Burke helps clients develop a practical and strategic approach to privacy and data protection that enables them to unlock the value of their data, navigate privacy risks and engage in data-driven transactions while complying with complex and evolving data protection laws.

Stanton counsels clients on a broad range of regulatory matters, including data privacy, data integrity and cybersecurity. He has advised clients regarding compliance with Section 5 of the FTC Act, the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), coordinating correspondence among client business, IT, HR, management and legal teams. This includes conducting data mapping interviews, advising on cross-border data transfers, assessing the value of data, drafting consumer and employee privacy policies, building data subject request portals and response templates, and advising on the use of cookies for behavioral ad targeting. His experience also includes analysis and application of GLBA, HIPAA, COPPA, TCPA, CAN-SPAM, FCRA, KYC/AML, state biometric privacy laws and other U.S. state and federal privacy and data security requirements and global data protection laws. In addition, Stanton has extensive experience advising clients on intellectual property and negotiating technology transactions, as well as providing legal risk mitigation strategies for deploying artificial intelligence (AI) and launching other data-driven products and services. Stanton also uses his expertise in these various compliance areas to conduct due diligence review of privacy and data security issues inherent in merger and acquisition transactions.

Before joining Baker Hostetler, Stanton was an associate in the San Francisco office of an international law firm and the Washington D.C. office of Microsoft, where he advised executives and attorneys on AI, data privacy and telecommunications. During law school, Stanton served as a Law Clerk for Commissioner Clyburn at the Federal Communications Commission (FCC), and also worked on the Global Policy Development team at Facebook.

Stanton is a Certified Information Privacy Professional (CIPP), holding both the EU and U.S. data protection certifications granted by the International Association of Privacy Professionals (IAPP).

Select Experience

  • Operationalized 20+ CCPA and GDPR compliant privacy programs for clients across all industries.
  • Advised a global technology company on the formation of a partnership with a cloud-based e-commerce platform that would enable mutual acceptance of each entity's payment method.
  • Seconded to a global e-commerce platform to advise on business and legal risks when deploying AI models and assist in revamping the privacy program.
More »

Experience

  • Operationalized 20+ CCPA and GDPR compliant privacy programs for clients across all industries.
  • Advised a global technology company on the formation of a partnership with a cloud-based e-commerce platform that would enable mutual acceptance of each entity's payment method.
  • Seconded to a global e-commerce platform to advise on business and legal risks when deploying AI models and assist in revamping the privacy program.
  • Assisted a retailer in response to a cyberattack resulting in the compromise of ~75,000 users’ data triggering notice to state Attorneys General, merchant banks, vendors and requiring outside forensics.
  • Negotiated data sharing agreements between a global e-commerce platform and a payment service provider that enables the acceptance of various digital payment methods.
  • Advised a global technology company on privacy and data security matters related to GLBA, FCRA and PCI-DSS compliance.
  • Led a data mapping exercise for a supplier of surveillance technology, including analyzing the data processing activities company-wide to ensure compliance with biometric privacy laws and briefing executives for meetings with regulators on the use of facial recognition technology.
  • Led a data mapping exercise for a grocery delivery service covering the processing of personal information of its employees and contractors to ensure compliance with the CCPA and PIPEDA.
  • Advised two multinational companies on the privacy and cybersecurity aspects of their return to work (RTW) strategies, including evaluating the business and legal risks of various RTW solutions and vendors for facial recognition, temperature scanning, network surveillance, CCTV and other employee monitoring and contact tracing methods.
  • Guided both a clean air management platform and a vehicle maintenance platform on the proper collection and processing of personal information in their respective AI-based solutions.
  • Drafted vendor addendums and data security agreements for a point-of-sale financing company.
  • Developed training and tabletop exercises for a global bank, a large pipeline company and an e-commerce platform.
  • Drafted memoranda for a large airline, classifying incident types and analyzing risk of harm.
  • Counseled a FinTech startup on AML and KYC requirements.

Recognitions and Memberships

Recognitions

  • Certified Information Privacy Professional – Europe (CIPP/E), U.S. (CIPP/US)

Memberships

  • International Association of Privacy Professionals
  • California Lawyers Association, Antitrust, UCL and Privacy Section
  • California Association of Black Lawyers

Prior Positions

  • Microsoft, Inc.: Associate, Corporate and Legal Affairs
  • Facebook, Inc.: Associate, Global Policy Development
  • Federal Communications Commission: Law Clerk, Commissioner Clyburn

Admissions

  • District of Columbia
  • New York
  • California

Education

  • LL.M., Law, Technology & Entrepreneurship, Cornell Law School, 2019
  • J.D., Howard University School of Law, 2017
  • B.S.B.A., Trinity University, 2012

Blog

In The Blogs

Previous Next
Data Counsel
8 Key Takeaways for Initial Defenses Under the CCPA and CPRA
By Stanton P. Burke, Casie D. Collignon, Marshall J. Mattera, Jeewon K. Serrato
October 7, 2021
Authors: Marshall Mattera, Jeewon Serrato, Casie Collignon and Stanton Burke Since the Jan. 1, 2020 kickoff for private enforcement under the California Consumer Privacy Act (CCPA), plaintiffs have filed scores of class actions invoking...
Read More ->
Data Counsel
CPRA Rulemaking Begins with an Invitation by the New California Privacy Protection Agency
By Stanton P. Burke, Jeewon K. Serrato, Justin T. Yedor
September 23, 2021
By Justin Yedor, Stanton Burke, and Jeewon K. Serrato For businesses awaiting guidance on how to comply with the California Privacy Rights Act (the “CPRA”), the new California Privacy Protection Agency (“CPPA”) began the rulemaking process...
Read More ->
Data Counsel
Colorado's Privacy Act: A Curve Ball on Consent and Targeted Ads
By Stanton P. Burke, Andreas T. Kaltsounis, Shea M. Leitch
August 4, 2021
On July 7, 2021, Gov. Jared Polis signed the Colorado Privacy Act (CoPA) into law, making Colorado the third state to enact a comprehensive privacy law, joining California and Virginia. The Act goes into effect on July 1, 2023, and shares...
Read More ->
Data Counsel
The Not-So-Hidden FTC Guidance on Organizational Use of Artificial Intelligence (AI), from Data Gathering Through Model Audits
By Stanton P. Burke, James A. Sherer, Nichole L. Sterling
May 24, 2021
Our last AI post on this blog, the New (if Decidedly Not ‘Final’) Frontier of Artificial Intelligence Regulation, touched on both the Federal Trade Commission’s (FTC) April 19, 2021, AI guidance and the European Commission’s proposed AI...
Read More ->
Data Counsel
The New (if Decidedly Not ‘Final') Frontier of Artificial Intelligence Regulation
By Stanton P. Burke, Chad A. Rutkowski, James A. Sherer, Nichole L. Sterling
April 27, 2021
The week of April 19 was an eventful one for practitioners following the evolution of potential artificial intelligence (AI) enforcement both in the United States and abroad, answering some questions regarding which regulators were going...
Read More ->