Understanding the Ins and Outs of the CCPA

Joe is licensed to practice law in California and Washington, D.C. In addition to his close monitoring of California Consumer Privacy Act developments and counseling clients on the law, Joe is a long-time adviser to the financial services industry. He has a depth of experience that allows him to “connect the dots” for clients in the complex (and sometimes conflicting) regulatory and statutory schemes confronting financial intermediaries. He practices in both the Firm’s Washington, D.C. and Southern California offices. Joe possesses a broad knowledge base regarding foreign banks and domestic banks, savings associations, bank holding companies, finance companies, mortgage banking companies and their subsidiaries and affiliates. His practice includes providing financial intermediaries advice in the areas of regulatory and strategic planning, application and licensing, legislative strategy, commercial and consumer lending, examination, supervision and enforcement, and general corporate matters. He regularly counsels clients on matters such as retail operations, privacy, identity theft, consumer compliance, application and underwriting, payments systems, Internet, electronic commerce, examination, supervision and enforcement, operational and strategic planning matters.

Bob Cattanach is a Partner in Dorsey’s Regulatory Affairs Group. His technical background and business savvy enable him to understand the challenges of today’s cyber world and evolving privacy regulations. Bob works collaboratively with clients to determine their regulatory obligations, evaluate risk tolerances, and find optimal solutions in the ever-evolving world of data collection, use, sharing and ultimately safe destruction. Recognized by his peers as a thought leader in the areas of data security and privacy litigation, Bob serves as a member of the Sedona Conference Steering Committee for Working Group 11. Under his leadership, the Sedona Conference has published for public comment an Incident Response Guide, and he has led Sedona presentations to Working Group 11, as well as Sedona’s International Programme, on subjects including incident response, the European Union General Data Protection Regulation (GDPR) and California’s new Consumer Privacy Act (CCPA). He represents clients in breach responses, development of privacy policies and procedures, and counsels corporate Boards of Directors and Audit Committees on matters of cybersecurity, privacy and information governance. Bob’s unique skill set comes from decades of experience as a trial lawyer, and he maintains an active trial docket in courts around the country. Even the best compliance practices can occasionally fall victim to skilled hackers. When (unfortunately not if) this occurs, Bob’s trial-honed ability to craft a compelling narrative that explains the client’s compliance efforts and commitment can mean the difference between constructive regulatory dialogue versus potentially crippling sanctions. Bob is also a much-sought-after commentator and contributor to professional and journalistic coverage of cybersecurity issues, ranging from the New York Times and USA Today and numerous electronic media to various professional publications and blogs.

T. Sean Kelly is Senior Director, Technology in FTI Consulting’s Information Governance, Privacy & Security services practice. With over a decade of experience in technology and business strategy, Sean specializes in solving corporate data challenges and implementing end-to-end program solutions that reduce risk and increase efficiency. Mr. Kelly’s areas of expertise include: data privacy and protection, information governance, data analytics and intelligence, cloud strategy, and compliance monitoring. His expertise is often called upon to define governance strategy and solutions for evolving technologies including cloud-based repositories, dynamic social media platforms, and the shifting landscape associated with cross-border transactions.

Mr. Kelly holds a B.A., cum laude, University of South Carolina, a Master of Science in Management – Information Systems, and a Master of Business Administration, Gwynedd Mercy University. Sean is active in several industry organizations and holds relevant certifications, including: IAPP (CIPP/US), ACEDS (CEDS), ASTC and EDI. He frequently authors and speaks on data governance and privacy and provides testimony services to his clients.