Add a bookmark to get started

Justine Phillips

Justine Phillips


Justine focuses her practice on both proactive and reactive cybersecurity and data privacy services, representing clients in matters related to information governance, diligence in acquisitions and investments, incident preparedness and response, the California Consumer Privacy Act and cyber litigation.

She provides actionable and practical guidance to help businesses manage data, technology, cyber threats, privacy, security and digital assets. As businesses navigate complex and far-reaching laws and regulations, Justine proactively creates compliance programs customized to client needs and budgets, including data mapping, vendor management, privacy and security by design, cyber risk management and mitigation, eWorkforce policies, data retention and destruction policies and implementation, consumer request workflows, cyber-awareness policies and trainings, and CCPA/CPRA readiness audits. She also provides reactive cyber services, including incident response, crisis management, privileged forensic investigations into business email compromises, data breaches and ransomware attacks, compliance with notice obligations to individuals and regulators, regulatory inquiries and investigations, and cyber litigation. Justine also handles employment litigation and counseling, as well as commercial litigation. 

Bar admissionsCalifornia
CourtsUnited States District Court for the Southern District of CaliforniaUnited States District Court for the Central District of CaliforniaUnited States District Court for the Northern District of California
  • J.D., University of San Diego School of Law
  • B.A., University of San Diego


  • Named to The Best Lawyers in America for Privacy and Data Security Law (2023)


  • Co-author, "Data Privacy Program Guide: How to Build a Privacy Program that Inspires Trust," Ciso DRG Publishing (2022)

Seminars and Speaking Engagements

  • Speaker, 2023 California Privacy:  Preparing Human Resources for CCPA Compliance, The California Lawyers Association, Privacy Law Section, 2023 Inaugural Annual Privacy Law Summit, February 9-10, Los Angeles, California
  • Panelist, "Cyber Fraud: FBI & San Diego Cyber Council Present on the Importance of Humans in Cybersecurity," 2022 Fraud Prevention and Ethics Symposium, July 2022
  • Panelist, "Impacts of Nation State Sponsored Cyber Attacks," WiE National Conference, May 2022
  • Panelist, "Navigating Privacy Opportunities and Challenges Globally" Cybersecurity, Privacy & Data Protection Retreat, Sub-Four Capital, May 2022
  • Panelist, "Data Retention & Deletion: Building and Operationalizing Policies into Your Privacy Program," IAPP Global Privacy Summit, April 2022
  • Presenter, "Governing Cyber Risk," WiE, April 2022
  • Presenter, "Wisdom of Insecurity: Managing 2022 Cyber Risk," Association of Corporate Counsel, April 2022
  • Presenter, "Cyber Industry," 2022 Customer + Corporate Symposium, Western Energy, February 2022
  • Presenter, "Wisdom of the Tiger: Governing Privacy & Security Risk," San Diego ISSA Chapter, February 2022
  • Panelist, "Cybersecurity & Fraud in 2022," Wells Fargo, February 2022
  • Panelist, "An Introduction to the Role of Governance in Privacy and Cybersecurity," DLA Cyber Law Roundtable, January 2022
  • Presenter, "The Current Ransomware Landscape: A Journey Through the Stars," Utah iSymposium CLE, October 2021
  • Panelist, "External vs. Insider Threat: Responding to a Cyber Attack Caused by an Authorized User," IAPP Privacy.Security.Risk Conference, October 2021
  • Panelist, "From CCPA to CPRA," Techno Security and Digital Forensics Conference, October 2021
  • Presenter, "Rising Cyber Crimes & Working from Home," Special FBI Briefing, August 2021
  • Panelist, "Mitigating Cyber Risk," Sheppard Mullin Cyber Law Roundtable, March 2021
  • Presenter, "Making Space for New Laws: 2021 Privacy & Security Laws for InfoSec Pros," San Diego ISSA Chapter, February 2021
  • Panelist, "Roundtable: Fostering and Strengthening Relationships 'Attorneys and Litigation Support'," International Legal Technology Association, November 2020
  • Speaker, "Implicit Bias and Diversity in the In-House Counsel Setting," California Lawyers Association Shelter in Place Institute, November 2020
  • Panelist, "360 Degrees of a Ransomware Attack: Decision Points in Defense, Response and Mitigation," Infragard San Diego, November 2020
  • Moderator/Panelist, "Protect the Privilege: Maintaining Attorney-Client & Work Product Privilege During a Cyber Incident," USD Cyber Law Risk & Policy Symposium, October 2020
  • Speaker, "2020 VIP Backstage Pass: Investigating Cyber Events & HR Matters During a Pandemic," County of Los Angeles, October 2020
  • Panelist, "Cybersecurity Workshop: 'Do's and Don'ts of Incident Response'," North West Academic Computing Consortium, October 2020
  • Recording Session, "Cybersecurity in the Age of Telemedicine – 'Lessons Learned'," National PACE Association, October 2020
  • Speaker, "Girl Scouts Cybersecurity Workshop Sessions 'Cybersecurity Investigations'," Girl Scouts of America synED, September 2020
  • Panelist, "Journey to the Cloud," InfoCgv for Legal Operators, September 2020
  • Speaker, "Virtual Lunch with Leaders 'Mentorship' Webinar," San Diego Paralegal Association, August 2020
  • Speaker, "Planning for a Safe Return to the Office in a Covid World," San Diego InfraGard Webinar, August 2020
  • SynEdPanelist, Data Governance for Legal Operators Webinar, August 2020
  • Speaker, "Cyber Instructors/Coaches Training: Wrap-Up National Collaborative Efforts," June 2020
  • Panelist, "Data Privacy & Security | The New Litigation and Regulation Battleground," June 2020
  • Speaker, "WITI OC Virtual Event: A Guardians of the Galaxy's approach to California’s Consumer Privacy Act (CCPA)," Women in Technology International, June 2020
  • Speaker, "Unique considerations in managing the risks of phishing and ransomware attack," Ernst & Young LLP, June 2020
  • Panelist, "PrivacyConnect San Diego: Expert Panel Session, Q&A," One Trust, May 2020
  • Speaker, "Reasonable Security and the CCPA," WSJ Pro Cybersecurity, May 2020
  • Speaker, "The COVID-19 Pandemic: Special FBI Briefing on Rising Cyber Crimes & Working from Home," Infragard San Diego, April 2020
  • Speaker, "'Vision: Preparing for CCPA' Speaking Presentation Timeslot," 2020 Techno Security & Digital Forensics Conference, March 2020
  • Speaker, "Get Smart 'Cyber-Intelligent Corporate Counsel Reduce Risks'," American Bar Association 2020 Corporate Counsel CLE Seminar, February 2020
  • Speaker, "VIP Backstage Pass "Ethical Issues in Responding to a Cyber Attack'," Association Corporate Counsel 2020 MCLE La-Law Pooza, January 2020
  • Speaker, "Center for Real Estate Cyber Security: What It Means for Commercial Real Estate," The Paul Merage School of Business, January 2020
  • Speaker, "Security is Mostly a Superstition 'Reasonable Security' Under the California Consumer Privacy Act," Wall Street Journal Cybersecurity Symposium, January 2020
  • Speaker, "New Technologies and the Potential Privacy & Responsibility Challenges They Present," SDSC’s Annual Winter Forum on Data, December 2019
  • Speaker, "GDPR and its implications," SDSC’s Annual Winter Forum on Data, December 2019
  • Panelist, "Risk Management Considerations," Cybercon 2019 Conference, November 2019
  • Moderator, "'Reasonable Security' Under the California Consumer Privacy Act," USD 2nd Annual Cyber Law Risk and Policy Symposium, November 2019
  • Speaker, "Cyber Security Discussion," Coronado Rotary Club, October 2019
  • Panelist, "CISO Coalition: California Consumer Privacy Act (CCPA) Discussions," Gartner, October 2019
  • Speaker, Happy Hour with Your Labor Lawyer, October 2019
  • Panelist, Workplace 2020: "20/20 Vision in the Workplace," SDEAC, October 2019
  • Speaker, "CCPA’s Legislative Updates & Amendments," Sheppard Mullin’s Cyber Law Roundtable webinar, October 2019
  • Panelist, "Breakfast Panel Discussion: Automation & Compliance," PwC, September 2019
  • Speaker, "Implications of the California Consumer Privacy Act and the Rapidly Changing Legal Precedents on Corporate Security," June 2019
  • Speaker, "CCPA with ESET," Tech San Diego’s Cybersecurity Summit, June 2019
  • Speaker, "CCPA & GDPR," OneTrust PrivacyConnect Roadshow, June 2019
  • Speaker, "Cyber Law Roundtable – CCPA and The Three Questions," Sheppard Mullin’s Cyber Law Roundtable webinar, April 2019
  • Panelist, "Tribes Are Prime Targets: Threats and Solutions for Cybersecurity & Criminal Activity," Native American Finance Officers Association, April 2019
  • Speaker, "Collection of Ephemeral Messaging, Social Media & Other Emerging Media," 2019 Techno Security & Digital: Impermanence in Forensics & eDiscovery, March 2019
  • Speaker, Southern California Tribal CFO Roundtable on the California Consumer Protection Act, March 2019
  • Speaker, "Warrior One: Yoga & Meditation for Legal Professionals," Life & Law, January 2019
  • Speaker, "Lost in Space: Navigating “Reasonable Security," ISACA's San Diego Chapter, January 2019

Media Mentions

  • "What to Do – And What Not to Do – In the Aftermath Of A Cybersecurity Attack," the Wallstreet Journal, December 2020
  • "No Income and Number 88,000 In Line: This Is What It’s Like to Be Unemployed in America," USA Today, May 2020
  • "New State Law Gives Californian’s More Rights When It Comes to Protecting Data Online," ABC News, July 2018
  • "New Calif. Data Breach Law May Fall Short," Law360, October 2014
  • "Calif. Smart-Meter Data Law Hints at Privacy Bills to Come," Law360, January 2014

Civic and Charitable

  • Board Member, American Red Cross of San Diego/Imperial Counties
  • Founding Member and Past President, Mother Attorney Mentoring Association of San Diego
  • Board Member, Kawasaki Disease Foundation 

Memberships And Affiliations

  • Vice President, Infragard San Diego, 2018-present
  • Founder & Chair, Cyber Law Symposium, 2017-present
  • Founder & Former Chair, Lawyers Club of San Diego – Life & Law Committee