Stephanie N. Malaska

Associate

Washington, D.C.
T +1.202.861.1716
F +1.202.861.1783

Overview

Stephanie Malaska’s depth of experience with privacy, data protection, and emerging technology issues make her a trusted advocate for a variety of domestic and foreign clients. Forward-thinking and practical, Stephanie regularly advises businesses on compliance with a variety of state, federal, and international privacy laws, including the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and others. Stephanie further assists with the handling and notification of international data security incidents, and helps businesses think strategically about their privacy obligations across multiple jurisdictions. Her understanding of international law allows her to understand the complex risks and regulatory challenges of cross-border privacy compliance, and to offer actionable and individualized advice. Through her familiarity with the intersection of privacy and technology, Stephanie also lends valuable insights to clients in the blockchain, cryptocurrency, and other new and innovative fields.

Stephanie’s privacy and data protection expertise is augmented by prior experience in international disputes and internal investigations. Among other engagements, Stephanie has assisted with the defense of international clients under the Foreign Corrupt Practices Act (FCPA) and has represented a European client in a multi-million dollar investment treaty arbitration.

Select Experience

  • Develops and implements CCPA and EU GDPR compliance programs for domestic and international businesses, and guides clients through all phases of compliance. Assists with data flow mapping, implementation of data transfer mechanisms, creation of risk assessments and analysis of risk tolerance, compliance with recordkeeping obligations, employee training, and creation and implementation of data subject/consumer rights requests procedures and mechanisms.
  • Advises and assists clients in meeting investigatory and notice obligations following international data security incident, including tracking developing and emerging foreign privacy laws and drafting and filing of communications to foreign data protection authorities.
  • Drafts, tailors and negotiates a variety of contractual agreements regarding data protection obligations.
More »

Experience

  • Develops and implements CCPA and EU GDPR compliance programs for domestic and international businesses, and guides clients through all phases of compliance. Assists with data flow mapping, implementation of data transfer mechanisms, creation of risk assessments and analysis of risk tolerance, compliance with recordkeeping obligations, employee training, and creation and implementation of data subject/consumer rights requests procedures and mechanisms.
  • Advises and assists clients in meeting investigatory and notice obligations following international data security incident, including tracking developing and emerging foreign privacy laws and drafting and filing of communications to foreign data protection authorities.
  • Drafts, tailors and negotiates a variety of contractual agreements regarding data protection obligations.
  • Advises on compliance with overlapping domestic and international privacy laws, and provides insight on cross-border transfer mechanisms including the EU-U.S. Privacy Shield Framework and EU Standard Contractual Clauses.
  • Drafts internal and external privacy and data security policies and disclosures, including employee privacy notices, consumer disclosures, and internal company procedures.
  • Counsels clients on privacy compliance and impacts of marketing or other complex data usage activities.
  • Advised blockchain industry clients on compliance with GDPR and CCPA, with particular focus on right of erasure and issues surrounding use of immutable ledger.
  • Assisted with representation of a Maltese investor in an International Center for the Settlement of Investment Disputes (ICSID) arbitration against the Republic of Austria.
  • Worked to confirm and enforce foreign arbitral award in U.S. court.
  • Assisted in advising overseas clients on various legal issues, including U.S. AML compliance and potential disputes with sovereigns.
  • Assisted with representation of foreign individuals in connection with U.S. Department of Justice FCPA investigations.

Recognitions and Memberships

Memberships

  • American Bar Association

Pro Bono

  • Advised music industry client and assisted with client’s defense of defamation lawsuit in federal court.
  • Assisted individual in appeals process for Social Security disability benefits, including filing brief, obtaining medical evidence, and presenting proof of disability pursuant to applicable statutes.

Prior Positions

  • Department of Defense, Office of General Counsel, International Affairs: Legal Extern (2015)
  • Department of Justice, National Security Division, Counterterrorism Section: Legal Intern (2014)

Admissions

  • Virginia
  • District of Columbia

Education

  • J.D., University of Virginia School of Law, 2016; Judge Richard L. and Eugenia K. Williams Scholarship; Jean Pictet Society for Humanitarian Law, President and Team Member; Virginia Journal of International Law, Submissions Review Board Member
  • B.A., Politics and Philosophy, Washington and Lee University, 2013, magna cum laude; Phi Beta Kappa; Johnson Scholar; Washington and Lee Political Review, Acquisitions Editor

Languages

  • French

Blog

In The Blogs

Previous Next
Blockchain Monitor
This Week in Blockchain: Market Manipulation, ICO Taxation, Enterprise Solution Rollouts, and International Developments
By Brian P. Bartish, Heather K. P. Fincher, Stephanie N. Malaska, Robert A. Musiala Jr.
June 15, 2018
In this issue: • Price Manipulation Suspicions and Hacks Drive Market Volatility • Tax Implications of Initial Coin Offering Events May Be Enormous • Enterprise-backedBlockchain Rollouts Continue to Gain Steam • Foreign Regulatory and...
Read More ->
Blockchain Monitor
Five Things Blockchain Firms Need to Know About the GDPR
By Laura E. Jehl, Stephanie N. Malaska, Robert A. Musiala Jr.
June 11, 2018
We’re witnessing the convergence, and perhaps the collision, of two powerful new forces in data privacy: the European Union General Data Protection Regulation (GDPR) and the emergence of blockchain based privacy solutions. These two forces...
Read More ->