Justine Phillips

Partner

Baker & McKenzie LLP

Los Angeles

T + 1 310 616 5643

Email
Vcard

Biography

Justine Phillips is a partner in the Data & Cyber Practice Group for North America.

Practice Focus

Justine focuses her practice on both proactive and reactive cybersecurity and data protection services, representing multinational clients in matters related to incident readiness and resilience, compliance with global cyber laws, privileged cyber investigations and gap assessments, data governance, and data and cyber litigation.

She provides actionable and practical guidance to help businesses manage data, technology, cyber threats, privacy, security and digital assets. As businesses navigate complex and far-reaching laws and regulations, Justine helps businesses stay ahead of data-driven risk. Leveraging trusted legal technology, Justine offers holistic proactive and reactive legal services, including cyber/privacy/AI enterprise governance, privacy and security by design, cyber risk management and mitigation, data mapping, vendor management, workforce policies, data retention and destruction policies and implementation, consumer request workflows, and CCPA/CPRA readiness audits. Justine is globally recognized for her thought leadership and role in providing reactive cyber services, including incident response, crisis management, privileged forensic investigations into business email compromises, data breaches and ransomware attacks, compliance with notice obligations to individuals and regulators, regulatory inquiries and investigations, and cyber litigation. Justine also handles employment litigation and counseling, as well as commercial litigation.

Professional Honors

Named to The Best Lawyers in America for Privacy and Data Security Law (2023-2026)

Professional Associations and Memberships

Infragard National Members Alliance - Board Member
Cyber Law Symposium - Founder and chair
San Diego Cyber Council - Founder

Admissions

California~United States
U.S. Supreme Court

Education

University of San Diego School of Law (J.D., magna cum laude) (2005)
University of San Diego (B.A.) (1999)

Publications

Mentioned, "California Privacy Watchdog's Record Fine Against Tractor Supply Company Signals 'Escalating' Enforcement Trend," The Recorder, October 2025
Mentioned, "Failed Stopgap Funding Bill Puts Key Federal Cybersecurity Legislation in Jeopardy," Wall Street Journal, September 2025
Co-author, "South Korea Sets AI Standard: PIPC's Guidelines for Generative AI Present Obligations & Opportunity," Connect on Tech, August 2025
Co-author, "Cyber Criminals are Hungry to Exploit Artificial Intelligence: What's Your Appetite for AI & API Risk?," TribalHub Digital Magazine, July 2025
Co-author, "4 For 4: California AG Bonta focuses on opt outs and data sharing in fourth enforcement action yet under the CCPA," Connect on Tech, July 2025
Co-author, "Cyber Criminals are Hungry to Exploit Artificial Intelligence: What's Your Appetite for AI & API Risk?," Connect on Tech, July 2025

Co-author, "US AI Vision in Action: What Businesses Need to Know About the White House AI Action Plan," Connect on Tech, July 2025
Co-author, "NIST Proposes Updates to Privacy Framework," Connect on Tech, May 2025
Co-author, "NIST Proposes Updates to Privacy Framework," Connect on Tech, May 2025
Co-author, "US Department of Justice National Security Division Takes Steps to Implement Final Rule on Protecting Americans' Sensitive Data from Foreign Adversaries with FAQs, Guidance, and Limited Enforcement Policy for the First 90 Days," Connect on Tech, April 2025
Co-author, "Governor Youngkin Nixes Virginia AI Bill: U.S. States Focus on AI Innovation with Cautious Legislative Strategy," Connect on Tech, March 2025
Co-author, "CIRCIA Compliance: Preparing for New Cyber Incident Reporting Rules," Exterro's Data Privacy Alert, March 2025
Co-author, "The 2025 Baker McKenzie "Top 10" Predictions on Global Data and Cybersecurity Risks," Connect on Tech, 27 January 2025
Co-author, "AI Tug-of-War: Trump Pulls Back Biden's AI Plans," Connect on Tech, 20 January 2025
Co-author, "The Darwinian Effect: The Weaponization of Artificial Intelligence By Cyber Criminals," Scholarly Commons, January 2025
Co-author, "Looking Ahead: Spotlight on Cybersecurity," Connect on Tech, 10 December 2024
Co-author, "Setting the Standard: DHS Debuts First-of-its-Kind AI Safety Framework for Critical Infrastructure," Connect on Tech, November 2024
Co-author, "Prepping for the Holidays: Companies to Strengthen Cybersecurity Infrastructure in Compliance with Amendments to New York's Cybersecurity Regulation," Connect on Tech, November 2024
Co-author, "Off to the Races: California Advances CCPA Regulations on Cyber, Risk & AI," Connect on Tech, November 2024
Co-author, "AI Innovation in California Prevails: California Governor Nixes Major AI Legislation," Connect on Tech, October 2024
Co-author, "Minding Your Data: New Law Expands CCPA’s Sensitive Personal Information to Include Neural Data," Connect on Tech, October 2024
Co-author, "United States: SolarWinds Landmark Ruling – Amid Defense Victories, Questions Remain on Individual Liability and Material Misstatements of Fact," Connect on Tech, 24 July 2024
Co-author, "Cyber Transparency, Risk & Sanctions: How Cyber Incidents Give Rise to Export Control Issues," Connect on Tech, 24 May 2024
Co-author, "Kentucky is Off to the Races: Bluegrass State is 15th to Pass Comprehensive Privacy Law," Connect on Tech, 10 April 2024
Co-author, "Mission Critical: CIRCIA’s Regulations and the Race to Secure Critical Infrastructure," Connect on Tech, 4 April 2024
Co-author, "Cybercriminals Have Small Town, USA in Their Crosshairs: How to Fight Back," The Hill, 15 February 2024
Co-author, "Living Free from the Sale of Personal Data: New Hampshire is the 14th US State to Pass Comprehensive Privacy Law," Connect on Tech, 30 January 2024
Co-author, "Here, There and Everywhere: FTC Puts Location Data on the Enforcement Map for 2024," Connect on Tech, 25 January 2024
Co-author, "Lucky 13: the Garden State Cultivates the Privacy Landscape," Connect on Tech, 11 January 2024
Co-author, "The 2024 Baker McKenzie 'Top 10' Predictions on Global Data Privacy and Cybersecurity Risks," 27 December 2023
Co-author, California’s CPPA moves into 2024 with an ambitious agenda on Cybersecurity Audits, Risk Assessments, and Automated Decision-Making Technology, Connect on Tech, 14 December 2023
Quoted, "What to Do – And What Not to Do – In the Aftermath of a Cybersecurity Attack," The Wall Street Journal, December 2020
Quoted, "No Income and Number 88,000 In Line: This Is What It’s Like to Be Unemployed in America," USA Today, May 2020
Quoted, "New State Law Gives Californian’s More Rights When It Comes to Protecting Data Online," ABC News, July 2018
Quoted, "New Calif. Data Breach Law May Fall Short," Law360, October 2014
Quoted, "Calif. Smart-Meter Data Law Hints at Privacy Bills to Come," Law360, January 2014

Events

Presenter, Cyber/Tabletop Exercise at KPMG Audit Committee Workshop at the National Association of Corporate Directors (NACD) Summit, October 2025
Panel speaker, WEoB Conference, “Geopolitical Effect on AI,” September 2025
Speaker, 2025 Future Con San Diego Cybersecurity Conference CISO Panel, September 2025
Presenter, Virtual Roundtable: Follow-up to "The Regulatory Cyber Dance," RSA, June 2025
Co-presenter, “The First 100 Days - Geopolitical Outlook,” Moss Adams, May 2025
Co-presenter, "Data in the Geopolitical Landscape: A New Look for 2025," Baker McKenzie, 23 April 2025
Speaker, RSA Cybersecurity Conference / Infragard, “Mastering Cyber Readiness and Resilience: Balancing Tech, Strategy and Risk,” April 2025
Speaker, RSA Cybersecurity Conference / Infragard, “Cyber-Resilience in Action: A Tabletop Exercise on Protecting Critical Infrastructure,” April 2025
Co-presenter, i4 Forum San Diego, Cyber/Ransomware Training, March 2025
Panel speaker, London Data & Cyber Summit: Combatting Cyber Risk in 2025 - The key role of Public/Private Partnerships Global Compliance & Ethics Quarterly Townhall, Baker & McKenzie, February 2025
Co-presenter, Cyber Tech Investigations & Regulations CLE Cram Webinar, Baker & McKenzie, January 2025
Co-presenter, "The Cyber Fortress: Defending Against Digital Villains,” Exterro Virtual Series, January 2025
Co-presenter, "The Data Files: Uncovering Hidden Information,” Exterro Virtual Series, December 2024
Co-presenter, "Privacy Protocol: Safeguarding Confidential Information,” Exterro Virtual Series, November 2024
Co-presenter, "Global Rules of Engagement: Emerging Cyber Laws and Regulations," OneCon24 Conference, October 2024
Co-presenter, "Finding Coverage in Supply Chain Attacks," OneCon24 Conference, October 2024
Co-presenter, "Sense and Sensitivity: Complying with California & US Laws Restricting Processing and Transfers of Sensitive Data," 2024 California Privacy Law webinar series, June 2024
Co-presenter, "North America Quarterly Privacy Webinar, US State Privacy Laws," May 2024
Co-presenter, "How Data Management Practices Can Help Meet The Challenges of a Fragmented Global Landscape," 2024 ACC SF Bay Area Privacy Summit, 22 May 2024
Co-presenter, "Cyber Defenders: Guardians of Critical Infrastructure," RSA, 74 May 2024
Co-hosted, "Cyber Readiness & Resilience: Around the World with Global Cybersecurity Regulations," Cyber Law Roundtable, 24 April 2024
Co-presenter, "Operationalizing a Data Privacy and Governance Program That Inspires Trust," InfraGard Workshop and Webinar, April 2024
Presenter, "Accountable AI: The Responsible Governance of New Technology," California Western Law Review & International Law Journal 2024 Spring Symposium, March 2024
Presenter, "Virtual Roundtable 16: AI Governance: Building a Defensible & Responsible Program" Society of Information Management (SIM), March 2024
Co-presenter, "SEC and Securities Litigation Spotlight on Cyber, AI, SPACs, and how to counter 'Short & Distort' Campaigns," 36th Annual Roth Conference, March 2024
Presenter, "Cyber Resilience in Today's Complex Environment," KMPG's International Information Integrity Institute (i-4), March 2024
Co-presenter, "Privacy Bytes - How Data Discovery is Key to AI Governance," Exterro, February 2024
Co-presenter, "Strategy and Risk in the Year of the Dragon: Data, Cyber and AI," Baker McKenzie event, February 2024
Co-presenter, "Our Top 10 Predictions on Global Data Privacy and Cybersecurity Risks, North America Privacy Webinar," January 2024
Presenter, "The Court of Public Opinion: Breach Response & Disclosure Obligations," SentinelOne's CyberLaw Forum, January 2024
Co-presenter, "Handling CCPA Data Subject Requests," 2024 California Privacy Law Webinar series, January 2024
Speaker, "The Renaissance of Trust and Privacy: Making Everything, Everywhere Happen All at Once," Privacy Symposium Conference, April 2023
Speaker, "The Rules of Engagement: Emerging Cyber Laws and 'Reasonable Security,'" RSA Conference, April 2023
Panelist, "Cyber Fraud: FBI & San Diego Cyber Council Present on the Importance of Humans in Cybersecurity," 2022 Fraud Prevention and Ethics Symposium, July 2022
Panelist, "Impacts of Nation State Sponsored Cyber Attacks," WiE National Conference, May 2022
Panelist, "Navigating Privacy Opportunities and Challenges Globally" Cybersecurity, Privacy & Data Protection Retreat, Sub-Four Capital, May 2022
Panelist, "Data Retention & Deletion: Building and Operationalizing Policies into Your Privacy Program," IAPP Global Privacy Summit, April 2022
Presenter, "Governing Cyber Risk," WiE, April 2022
Presenter, "Wisdom of Insecurity: Managing 2022 Cyber Risk," Association of Corporate Counsel, April 2022
Presenter, "Cyber Industry," 2022 Customer + Corporate Symposium, Western Energy, February 2022
Presenter, "Wisdom of the Tiger: Governing Privacy & Security Risk," San Diego ISSA Chapter, February 2022
Panelist, "Cybersecurity & Fraud in 2022," Wells Fargo, February 2022
Panelist, "An Introduction to the Role of Governance in Privacy and Cybersecurity," DLA Cyber Law Roundtable, January 2022
Presenter, "The Current Ransomware Landscape: A Journey Through the Stars," Utah iSymposium CLE, October 2021
Panelist, "External vs. Insider Threat: Responding to a Cyber Attack Caused by an Authorized User," IAPP Privacy.Security.Risk Conference, October 2021
Panelist, "From CCPA to CPRA," Techno Security and Digital Forensics Conference, October 2021
Presenter, "Rising Cyber Crimes & Working from Home," Special FBI Briefing, August 2021
Panelist, "Mitigating Cyber Risk," Sheppard Mullin Cyber Law Roundtable, March 2021
Presenter, "Making Space for New Laws: 2021 Privacy & Security Laws for InfoSec Pros," San Diego ISSA Chapter, February 2021
Panelist, "Roundtable: Fostering and Strengthening Relationships 'Attorneys and Litigation Support'," International Legal Technology Association, November 2020
Speaker, "Implicit Bias and Diversity in the In-House Counsel Setting," California Lawyers Association Shelter in Place Institute, November 2020
Panelist, "360 Degrees of a Ransomware Attack: Decision Points in Defense, Response and Mitigation," Infragard San Diego, November 2020
Moderator/Panelist, "Protect the Privilege: Maintaining Attorney-Client & Work Product Privilege During a Cyber Incident," USD Cyber Law Risk & Policy Symposium, October 2020
Speaker, "2020 VIP Backstage Pass: Investigating Cyber Events & HR Matters During a Pandemic," County of Los Angeles, October 2020
Panelist, "Cybersecurity Workshop: 'Do's and Don'ts of Incident Response'," North West Academic Computing Consortium, October 2020
Recording Session, "Cybersecurity in the Age of Telemedicine – 'Lessons Learned'," National PACE Association, October 2020
Speaker, "Girl Scouts Cybersecurity Workshop Sessions 'Cybersecurity Investigations'," Girl Scouts of America synED, September 2020
Panelist, "Journey to the Cloud," InfoCgv for Legal Operators, September 2020
Speaker, "Virtual Lunch with Leaders 'Mentorship' Webinar," San Diego Paralegal Association, August 2020
Speaker, "Planning for a Safe Return to the Office in a Covid World," San Diego InfraGard Webinar, August 2020
SynEdPanelist, Data Governance for Legal Operators Webinar, August 2020
Speaker, "Cyber Instructors/Coaches Training: Wrap-Up National Collaborative Efforts," June 2020
Panelist, "Data Privacy & Security | The New Litigation and Regulation Battleground," June 2020
Speaker, "WITI OC Virtual Event: A Guardians of the Galaxy's approach to California's Consumer Privacy Act (CCPA)," Women in Technology International, June 2020
Speaker, "Unique considerations in managing the risks of phishing and ransomware attack," Ernst & Young LLP, June 2020
Panelist, "PrivacyConnect San Diego: Expert Panel Session, Q&A," One Trust, May 2020
Speaker, "Reasonable Security and the CCPA," WSJ Pro Cybersecurity, May 2020
Speaker, "The COVID-19 Pandemic: Special FBI Briefing on Rising Cyber Crimes & Working from Home," Infragard San Diego, April 2020
Speaker, "'Vision: Preparing for CCPA' Speaking Presentation Timeslot," 2020 Techno Security & Digital Forensics Conference, March 2020
Speaker, "Get Smart 'Cyber-Intelligent Corporate Counsel Reduce Risks'," American Bar Association 2020 Corporate Counsel CLE Seminar, February 2020
Speaker, "VIP Backstage Pass "Ethical Issues in Responding to a Cyber Attack," Association Corporate Counsel 2020 MCLE La-Law Pooza, January 2020
Speaker, "Center for Real Estate Cyber Security: What It Means for Commercial Real Estate," The Paul Merage School of Business, January 2020
Speaker, "Security is Mostly a Superstition 'Reasonable Security' Under the California Consumer Privacy Act," Wall Street Journal Cybersecurity Symposium, January 2020

Baker & McKenzie LLP is a Limited Liability Partnership organized under the laws of the State of Illinois (USA) and is a member of Baker & McKenzie International, a Verein organized under the laws of Switzerland.