Dominique Shelton Leipzig

US Privacy Counseling

Ad Tech Counseling

• Advising website and online services operators on privacy and data security issues relating to ad tech (including behavioral tracking, privacy disclosures for tracking and consent).
• Advising health tech companies on privacy and data security marketing initiatives relating to health data.
• Advising fintech companies on privacy and data security initiatives involving health tech.
• Assisting large retail chains on privacy and cybersecurity compliance in the areas of cloud, Big Data and mobile.

AI Experience

• Representing providers of large language model generative AI services
  • Representing the provider of large language model generative AI products/services in negotiations with licensees to discuss privacy, cybersecurity, and trusted AI legal frameworks legal compliance in licensee negotiations
  • Representing a large consulting organization in thinking through the risk categorization frameworks for trust AI data leadership.
• Representing developers/licensees/users
  • Representing a healthcare organization on AI legal compliance and risk management and governance.
  • Representing a large retailer on developing an AI risk governance program based upon “trusted legal AI frameworks” and mapping to technical standards.
  • Representing a top financial institution in developing an AI governance program grounded in the foundations of the trusted legal AI Framework.
  • Representing a large consulting organization in thinking through the risk categorization frameworks for trust AI data leadership.
    

Board Level AI Engagements

• Advising the Corporate Secretary and the Board of Directors of a major retailer on risks and opportunities associated with generative AI. Dominique will be advising both the Board, and the management teams leading the AI Governance project, on the legal contours around a Trusted AI program that conforms to the consensus around legal norms for responsible AI development as reflected in 37 countries and six continents. In this regard, she prepared a 106 paged workplan. She will be leading the guidance for the client in all aspects of the development of their risk assessment, governance and compliance frameworks. She will also be providing the Board with these metrics so they have actionable information upon which to assess opportunities and risks associated with the deployment of generative AI in various use cases in the company.
• Advising a publicly listed home healthcare system in architecting an assessment of the current data practices for the Board of Directors and creating strategy for appropriate governance over AI, privacy and cybersecurity. To that end, in May 2023, she presented her recommendations to the full board in conjunction with the general counsel and corporate secretary . Dominique has been engaged to create an appropriate board level privacy/cyber/AI incident plan and will be advising the audit committee on an on/going basis emerging legal trends so that the organization can stay ahead of the curve to come data leaders
  

Board Privacy & Cybersecurity Engagements

• Representing the Board of Directors of a major public company in the energy field , in the aftermath of ransomware attacks on critical infrastructure companies like Colonial Pipeline. Dominique led a team that reviewed 85 shareholder derivative actions for data breach and congressional testimony of the CEO of Colonial Pipeline, to customize a Board-level incident response plan , a set of applicable questions for Board Members to ask regarding the state of cyber preparedness, and series of Board trainings so that the Board could exercise effective oversight as part of its fiduciary over cyber and privacy-preparedness.
• Represented the California Chamber of Commerce as it negotiated business-friendly terms with Alastair Mactaggart, the individual behind the creation of California’s landmark Consumer Privacy Law. With regard to the updating of the law in 2019, by the California Privacy Rights Act, Dominique advised the CEO of the Chamber directly and together they architected a strategy that led to the business-friendly terms of the CCPA being added. Dominique represented the California Chamber on California Consumer Privacy Act privacy matters and developments in privacy in Europe affecting same from 2018-2023. Her presentations to leadership on these matters is exemplified by the presentation to the California Chamber Board of Directors on Data Privacy Issues referenced online here.
• For the largest county pension fund in the country, led the privacy and data security assessment for the Los Angeles County Employee Retiree Association (LACERA). LACERA is a 52 billion fund. In this capacity Dominique regularly reported to the LACERA board. Her final report provided detailed recommendations 95% of which were adopted by the CEO and the Board. Her presentations to the board on this initiative continue to protect the organization. Her final report is referenced online in fall 2016 board meeting minutes. Of the 60 + recommendations made by Dominique, the Board of Directions adopted 95% of them.
• Guided a large retailer through a data breach that involved more credit cards than the Home Depot breach. Over a two year period, Dominique regularly briefed the company’s executive leadership on the status of the incident, 8K disclosures, interactions with law enforcement and mitigation. She handled privacy counseling for the company and reporter to the board on the status of the company’s compliance efforts.
• For a global entertainment company, conducted a top-to-bottom assessment of the state of the company’s privacy and data security program. Dominique’s 100-page report provided the board and general counsel with clarity regarding the state of majority. During the course of that engagement, Dominique regularly reported to the board and sat as a legal advisor to the privacy and cyber audit teams.
• Defended a publicly-traded medical device company against a confidential privacy regulatory matter that ended with no fine to the company. Dominique led the effort to quickly transform the client’s practices such that the regulator elected to exercise discretion not to impose a 20 year consent decree. Thereafter, she conducted a training program for the audit and ethics committee about the state of compliance and maturity of the program.

Board Reports and Privacy Assessments

• Preparing board reports for public organizations concerning legal compliance with privacy and cybersecurity best practices.*
• Conducted employee, HR and IT interviews as part of comprehensive legal assessments of adequacy of privacy and cybersecurity policies.

Health Tech

• Advised a major medical device company on mobile medical application, Big Data, compliance with HIPAA privacy and security rules, the California Confidentiality of Medical Information Act (CMIA), cloud storage and privacy notices, policies and other privacy disclosures for its website for patient social networking, and communication with health care advisers.*
• Advised a health tech company regarding its online portal for diagnosis of ADHD, concerning compliance with HIPAA and the CMIA, and preparing privacy policies and CMIA disclosures.*
• Assisted a medical billing company with compliance with an FTC enforcement order and creating an updated website privacy policy, terms of use and website disclosures.*
• Conducted privacy due diligence in connection with a Fortune 100 consulting company’s acquisition of two medical billing companies.*

Global Privacy & Data Protection Compliance

• Leading EU General Data Protection Regulation (GDPR) and Asia-Pacific Economic Area data legal compliance project for global companies in the semiconductor, IT, media and retail industries.
• Lead a review of one of the largest online auction website’s vendor agreements for GDPR compliance.
• Handling cybersecurity compliance strategy in the United States and EU for major media corporations.
• Led an EU, Asia and South America data privacy and security compliance project for a major Japanese gaming company.*
• Lead cross-border transfer legal compliance strategies and vendor management strategies for several major retail, consulting, communications, payments and fast food companies.

Data Breach Investigations

• Served as project lead for a breach investigation for a global retail brand.*
• Lead a forensic breach investigation for a financial institution.*
• Lead a breach investigation for a global e-commerce website.*
• Lead a forensic breach investigation for an online service for a health and wellness mobile app.*
• Lead a forensic breach investigation and consumer notification for a global media company.*
• Lead a forensic breach investigation for a national consumer product retailer.*

Cyber Preparedness Counseling

• Lead a comprehensive data security legal assessment.
• Lead a cybersecurity preparedness program for a financial institution and serving as outside counsel member of its Cybersecurity Incident Response Team.
• Lead a privacy and data security legal assessment compliant with the NIST Cybersecurity Framework.
• Lead a review of data security and IT policies for a cloud service provider for compliance with the NIST Cybersecurity Framework.
• Lead a privacy and data security legal assessment for a media company.

California Consumer Privacy Act (CCPA) - Regulatory Experience

• Led a team that drafted comments to the California Attorney General’s Office in connection with its CCPA rulemaking process on behalf of the California Chamber of Commerce, which includes a number of retailers. See California Chamber of Commerce Comments to the California Attorney General's Office for CCPA Rulemaking (March 8, 2019), available at CCPA Public Comments (at CCPA00000067).
• Testified before the California Senate Judiciary Committee in a hearing titled “Informational Hearing on the State of Privacy: CCPA vs GDPR” (March 5, 2019). See March 5, 2019 - Senate Judiciary Committee: Informational Meeting on State if Privacy CCPA vs GDPR.
• Testified before the Senate. See April 9, 2019 - Senate Judiciary Committee Hearing re Bill to expand Private Right of Action Under the CCPA - creating greater class action exposure for companies (SB 561) testimony.

CCPA and GDPR Compliance Counseling

• Representing several business-to-consumer clients in CCPA compliance, including multiple national retailers, a social networking platform, a medical provider and a fintech money transfer app embedded in multiple major national bank mobile apps.
• Representing a global device manufacturer in CCPA compliance efforts. Advising one of the largest semiconductor companies in the United States in CCPA compliance, having first led the company’s GDPR compliance in 2017-2018.
• Representing a global ad tech company in CCPA compliance.
• Representing a global smart television app developer in CCPA and GDPR compliance.
• Representing the largest domestic consortium for financial data in CCPA compliance, after completing a privacy and data security assessment in 2018.
• Representing one of the largest ad serving networks in CCPA compliance.

*Prior firm experience

Brown University, 文学学士

美国乔治敦大学法律中心, 法律博士

• 加利福尼亚州

出庭资格

• US District Court for the Central District of California
• 美国第九巡回上诉法院
• US District Court for the Northern District of California
• 美国最高法院

• The National Black Lawyers
• International Association of Privacy Professionals (IAPP), Board of Directors, 2020
• Certified US Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP)
• Federal Bar Association of Los Angeles, Board of Directors
• Magistrate Judge Merit Selection Panel for the U.S. District Court for the Central District of California, 2011 – 2017
• Los Angeles County Bar Association, Entertainment & Intellectual Property Law Section (ELIPS), Chair, 2011 – 2012
• Ninth Circuit Judicial Conference, Lawyer Representative
• Women Lawyers Association of Los Angeles (WLALA), President, 2005 – 2006, Life Member
• National Bar Association (NBA), Life Member
• Black Women Lawyers Association of Los Angeles (BWL), Life Member
• Langston Bar Association, Life Member
• California Women Lawyers Association, Board Member, 2004 – 2006
• Big Brothers Big Sisters of Greater Los Angeles, Board Member, 2007 – 2010
• Center Dance Arts, Board of Directors, Member 2013 – present
• Museum of Contemporary Arts, Drawings Committee, 2008 – 2011