Lea Lurquin

Lea Lurquin


Lea is a Certified Information Privacy Professional (CIPP/US, CIPM) and a member of DLA’s globally recognized Data Protection, Privacy and Security practice. She advises domestic and foreign clients on a broad range of privacy laws, including state and federal US as well as EU laws relating to privacy and data protection, consumer protection, and information technology. Lea’s practice crosses multiple industry sectors, including technology, automotive, identity verification, media, retail, and financial services. Her practice focuses on consumer privacy, biometrics, telematics, marketing, employee privacy, and cross-border data transfers.

Lea has extensive experience advising clients on privacy and security questions under US federal and state laws, including the California Consumer Privacy Act (CCPA) as well as under the other comprehensive US state laws (CPA, CTDPA VCDPA, and UCPA), the TCPA, CAN-SPAM, the General Data Protection Regulation (GDPR) and ePrivacy Directive, and biometric laws including BIPA. 

Lea helps clients with the development of their privacy compliance program of all sizes, including building complex global external-facing privacy notices as well as global internal privacy and security policies and procedures. She provides clients with DPO trainings, drafts and negotiates (global) data processing terms, conducts Schrems II transfer impact assessments, privacy gap assessments and creates global privacy control frameworks. She also regularly works with the firm’s international offices to conduct complex international surveys and provides practical advice and solutions for privacy compliance issues that global companies face. Lea is a Co-Editor of DLA’s Data Protection Laws of the World Handbook, which features key privacy law requirements in over 110 jurisdictions around the globe.

In addition, Lea has responded to numerous multi-jurisdictional data security incidents, including identifying notice obligations internationally, and collaborating with leading cybersecurity professionals and e-discovery vendors, and advising on mitigation strategies related to post-incident responsibilities.

Lea is a native German and German sign language speaker and has worked on data protection and privacy related matters in Germany prior to joining DLA.

Bar admissionsCaliforniaNew York
  • German
  • J.D., University of Cologne
  • LL.M., Law, University of California at Berkeley


Certified Information Privacy Professional (CIPP/US), (CIPM)


  • California Attorney General issues non-compliance notices regarding loyalty program requirements under the CCPA, 07 February 2022
  • Protecting your company from supply chain cyber attacks, September 2021
  • Whatever your sector, ransomware attacks are changing how to think about platform security risk: Action steps, 14 June 2021
  • President Biden issues broad-ranging Executive Order on cybersecurity, 13 May 2021