Michelle Anderson counsels clients on a wide variety of privacy, security and consumer protection matters.

She regularly helps clients across industries, including technology, media, consumer goods, retail and healthcare, assess and develop privacy programs to balance corporate priorities with privacy protections. This work includes advice on the implementation of privacy policies and practices related to new products and services. Michelle also guides clients through responding to security incidents, including investigation, remediation and notification. In addition, Michelle routinely negotiates privacy and security provisions in vendor agreements. Her domestic compliance experience includes counselling clients on obligations under CAN-SPAM, COPPA, GLBA, HIPAA, TCPA, VPPA and a variety of state laws.

Her practice also includes advising clients on multi-jurisdictional privacy compliance issues, such as marketing, e-discovery, employee privacy, cybersecurity and cross-border data transfers, including EU-U.S. Privacy Shield certification.

Michelle has actively followed state privacy and security legislation as part of the State Privacy & Security Coalition and contributed to amendments to many state privacy laws.