The Cybersecurity and Privacy Law Section presents
The Cybersecurity and Privacy Law Section Conference – 2025
| Date |
Thursday, October 16, 2025 |
| MCLE Registration |
8:20 - 8:50 a.m. |
In-Person Program
|
8:50 a.m. - 2:00 p.m.
Lunch will be provided. |
| Reception |
2:00 - 3:00 p.m. |
| MCLE |
3 Hours |
Location
|
BASF Offices
50 Fremont Street, Suite 1700
San Francisco, CA
|
Our Annual Cybersecurity Law Conference offers critical insights into the latest legal developments and regulatory changes affecting the cybersecurity landscape.
Attending will equip your firm with the knowledge and strategies needed to navigate emerging legal challenges and protect your clients' interests in an increasingly complex digital world.
Time: 8:50 - 9:00 a.m.
Welcome and Opening Remarks
Jonathan Tam, Baker McKenzie
Time: 9:00 - 10:15 a.m. | MCLE: 1 Hour
Panel I: CCPA Spotlight: Rights, Business Duties & Enforcement Trends
A discussion with the California Privacy Protection Agency's Head of Enforcement
Speakers
 |
   |
Michael Macko
California Privacy Protection Agency |
Ambar Chavez
Optery
|
Moderator
 |
Jonathan Tam
Baker McKenzie |
The California Privacy Protection Agency has been actively enforcing the CCPA and is focused on many areas, including non-compliant usage of digital advertising technologies, companies' failure to address data subject rights requests, and practices that may harm vulnerable populations. Join us for a detailed explanation of these important developments, as well as individuals' rights and business' obligations under the CCPA and other major privacy laws in the US and beyond.
Topics
- The California Privacy Protection Agency’s outlook on the CCPA, including its enforcement priorities
- CCPA compliance obligations and takeaways from recent enforcement cases
- Individuals' rights under the CCPA and their impact
- How the CCPA fits into the broader privacy landscape in the US and beyond
- How companies can address data minimization, verification of privacy rights requests, and other CCPA requirements
Time: 10:15 to 10:30 a.m. | Coffee Break
Time: 10:30 - 11:45 a.m. | MCLE: 1 Hour
Panel II: Not ‘If’ But ‘When’ A Breach Happens
Incident Response Counsel’s Role in Cybersecurity Incident Response and Litigation.
Speakers
 |
 |
 |
Sushila Chanana
Farella Braun + Martell |
Jamie Tolles
Incident Response, IDX |
Will Gadzinski
Pondurance |
Moderator
 |
Danielle Ocampo
Freeman Mathis & Gary |
When it comes to cybersecurity, organizations can no longer afford to simply contemplate what happens “if” a breach happens. Instead, lawyers, IT, and data security teams alike are preparing for “when” a breach happens—because it will. But the standard for preparedness constantly evolves as threat actors gain more sophisticated methods and tactics to infiltrate a network, send phishing emails, and bypass fundamental security measures. Knowing the ins and outs of managing incident response can strengthen your organization’s preparedness to handle cyber risks and even litigation.
Topics
- New threat actor threats
- Demo: Bypassing MFA
- Incident Response Counsel – Providing the privilege and more
- Preparing data breach notifications and regulatory reporting
- Incident Response’s role in third-party data breach litigation
Time: 11:45 a.m. to 12:45 p.m. | Lunch and Sponsor Table Activities
Time: 12:45 - 2:00 p.m. | MCLE: 1 Hour
Panel III: Crossing the Line – Legal Realities of Moving Data Abroad
Practical guidance on complying with data transfer restrictions and data sovereignty issues from Brussels to Beijing.
Speakers
 |
 |
 |
Paul Lanois
Field Fisher |
Carnegie Naidu
Juniper Networks |
Lisa Glover-Gardin
Meta
|
Moderator