James M. Sullivan Jr.Partner
Jim Sullivan is a partner in DLA Piper's Washington, DC Regulatory and Government Affairs practice. He focuses on data protection, privacy and security issues, as well as a broad range of regulatory matters pertaining to emerging technologies, national security and international trade.
Jim has extensive experience in both the government and private sectors. Prior to joining the firm, Jim served as the Assistant Secretary for Industry & Analysis and as the Deputy Assistant Secretary for Services in the International Trade Administration (ITA) at the US Department of Commerce. In these roles, he led US government efforts on several key digital policy matters—including the administration and oversight of the EU-U.S. Privacy Shield Framework, engagement with European officials on the implementation and enforcement of the EU's General Data Protection Regulation (GDPR), and development by the OECD of high-level principles on government access to personal data held by the private sector. Following the landmark Schrems II decision by the Court of Justice of the European Union, Jim headed the US government task force charged with negotiating the Trans-Atlantic Privacy Framework.
During his time with the Commerce Department, Jim modernized and strengthened the Committee for Foreign Investments in the US (CFIUS) by implementing the process changes required by the 2018 Foreign Investment Risk Review Modernization Act. He also directed the Department's blockchain and fintech policy efforts to promote greater international regulatory harmony.
Prior to his government service, Jim held a number of senior business and legal roles. He served as co-founder and president of a SaaS startup, general counsel of a private equity firm, and white-collar litigator at two AmLaw 50 global law firms.
· Privacy, Data Protection and Digital Economy
- Led the US government's 80-person interagency task force charged with negotiating the Trans-Atlantic Data Privacy Framework in the wake of the landmark Schrems II decision by the Court of Justice of the European Union.
- Testified before the Senate Commerce Committee on the future of transatlantic data flows.
- Implemented the EU-US and Swiss-US Privacy Shield Frameworks—supervising the certification of over 3,000 companies to the Privacy Shield Principles; coordinating with the Federal Trade Commission (FTC) on enforcement of the certifications; and leading three successful annual joint reviews of the Framework in Brussels and Washington with the European Commission, representatives of the European Data Protection Board (EDPB), trade associations and NGOs active in the field of digital rights and privacy.
- Spearheaded the OECD's initiative to set out high-level principles for reconciling law enforcement and national security needs for data with the protection of individuals' privacy interests.
- Led two US government delegations to Japan for consultations on the amended Act on the Protection of Personal Information (APPI) and the EU-Japan Mutual Adequacy Arrangement.
- Represented the US government at meetings of the OECD's Committee on Digital Economy Policy on fostering trust in cross-border data flows and AI.
- Headed a joint US-Japanese delegation to India to advocate against the data localization mandates required by the Reserve Bank of India and India's proposed Personal Data Protection Bill.
- Engaged with Brazilian government officials on the implementation of Brazil's General Data Protection Law (LGPD) and the creation of its National Data Protection Authority.
- Collaborated with the US Department of the Treasury on helping to address the tax challenges of the digital economy by advocating publicly for the consensus-based solution set forth by the OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting.
- Conferred with the National Institute of Standards and Technology (NIST), US Department of Justice (DOJ), Office of the Director of National Intelligence (ODNI), and representatives of the Five Eyes intelligence-sharing group regarding the recurrent "going dark" debate over encryption standards.
· International Trade
- As the CFIUS lead for the US Department of Commerce, implemented the process changes required by the 2018 Foreign Investment Risk Review Modernization Act.
- Represented multiple clients in the energy and life sciences industries in government and internal corporate investigations concerning alleged violations of Foreign Corrupt Practices Act (FCPA).
- Advised numerous multinationals on compliance requirements, formal ethics and compliance programs, and due diligence matters related to the FCPA and export controls.
- M.B.A., Georgetown University
- J.D., Catholic University of America
Member, Law Review
- B.A., Political Science, College of the Holy Cross
From 2017 to 2021, Jim served as the Assistant Secretary for Industry & Analysis and as the Deputy Assistant Secretary for Service in the International Trade Administration at the US Department of Commerce. Prior to his government service, Jim held a number of senior business and legal roles, including as co-founder and president of a SaaS startup, general counsel of a private equity firm and white-collar litigator at two AmLaw 50 global law firms.