Junior Associate – Regulatory (Consumer Protection)

Ideal candidates will be problem solvers, self-motivated, and have extensive first-hand proficiency with counseling businesses on major global and U.S. data protection legal frameworks, the behind-the-scenes workings of the Internet, AI systems, and privacy and regulatory compliance, in addition to superior writing and communication skills, comfort with ambiguity, and a proven record of providing exemplary client service. This is a partner track position. Ideal applicants will have (2 – 3) years of experience focusing on regulatory investigations or litigation involving consumer protection issues (State AG, FTC, and other regulatory agencies), and/or be well-versed in defending data privacy and security class actions (e.g., Stored Communications Act, wiretapping claims, claims involving allegedly unfair and deceptive trade practices, and data breach class actions). Successful candidates will have a high level of academic achievement from a nationally recognized law school, the ability to engage directly with clients and lead significant projects, general tech fluency, and impeccable analytical and writing skills. The successful candidates will have experience providing Legal Advice on Almost Exclusively Data Protection Matters, and the Following Experience: Assisting companies with compliance issues in relation to the CCPA and other state privacy laws, the FTC Act, GDPR and other global privacy laws and regulations (with additional consideration for sector-specific experience in financial services, children’s privacy, telecom, biometrics, genetics or digital advertising); working knowledge of HIPAA, FCRA, GLBA, COPPA, TCPA, CAN-SPAM is expected. Drafting and revising privacy notices, terms of service, incident response plans, information security policies and other data protection policies. Drafting and negotiating professional services agreements, vendor/service provider agreements, data processing agreements, cross-border transfer agreements, and other types of commercial agreements involving data sharing. Responding to regulatory inquiries or investigations relating to privacy compliance and data breaches. Working on corporate transactions in relation to privacy and security-related due diligence and advising. Driving data breach preparation, risk mitigation, coordination and responses. Familiarity with establishing AI governance programs and policies, the EU AI Act and U.S. federal and state-level artificial intelligence and automated decision-making/profiling laws and regulations.