David Williams, CIPP/US, CIPM is an eDiscovery and Cyber, Privacy & Data Innovation lawyer in the San Francisco office of Orrick, Herrington & Sutcliffe. David advises clients on a broad range of privacy and cybersecurity matters, including compliance and risk management.
David's practice focuses on leveraging his experience of providing insight and guidance on U.S. and E.U. privacy laws to assist clients with their privacy and cybersecurity needs. David works primarily with the eDiscovery and Cyber, Privacy, & Data Innovation groups addressing issues in both privacy issues in the context of litigation and compliance efforts. David assists clients from a broad range of industries and sectors in assessing their current privacy and cybersecurity practices.
David has guided clients through tailored California Consumer Privacy Act (CCPA) compliance programs and has experience evaluating the applicability of European data protection requirements, including the General Data Protection Regulation (GDPR), to U.S. companies.
Before joining Orrick, David was a Privacy Law Clerk at LinkedIn, where he worked with the legal team to develop policies and procedures in preparation for the enforcement of the European General Data Protection Regulation (GDPR). David also addressed privacy and data management questions for LinkedIn services and managed data processing and handling issues for new products.
David also has an active pro bono practice, which has included representing clients in immigration and innocence matters and assisting small and non-profit businesses with their privacy needs.
On February 7 and again on February 10, 2020, the California Attorney General Xavier Becerra released an updated draft of proposed regulations pursuant to the California Consumer Privacy Act of 2018 (“CCPA”). The updated drafts feature significant changes, clarifications and reversals of policy from the original proposal.
The updated draft regulations—available here (clean) and here (redline to the original October 2019 Draft)—reflect input gathered during the public comment period and series of public hearings which concluded on December 6, 2019. The first draft of the proposed regulations, the public comments and the transcripts and audio of the public hearings are available on the Attorney General’s CCPA webpage. The Attorney General also updated the online cache of documents and other information relied upon in preparing the revised draft regulations here.