Justine Phillips | People | Baker McKenzie

Biography

Justine Phillips is a partner and co-chair of the Data & Cyber Practice Group for North America.

Practice Focus

Justine focuses her practice on both proactive and reactive cybersecurity and data protection services, representing multinational clients in matters related to incident preparedness and response, compliance with global cyber laws, privileged cyber investigations and gap assessments, data governance, data and cyber litigation.

She provides actionable and practical guidance to help businesses manage data, technology, cyber threats, privacy, security and digital assets. As businesses navigate complex and far-reaching laws and regulations, Justine proactively creates compliance programs customized to client needs and budgets, including data mapping, vendor management, privacy and security by design, cyber risk management and mitigation, workforce policies, data retention and destruction policies and implementation, consumer request workflows, cyber-awareness policies and trainings, and CCPA/CPRA readiness audits. Justine is nationally recognized for her thought leadership and role in providing reactive cyber services, including incident response, crisis management, privileged forensic investigations into business email compromises, data breaches and ransomware attacks, compliance with notice obligations to individuals and regulators, regulatory inquiries and investigations, and cyber litigation. Justine also handles employment litigation and counseling, as well as commercial litigation.

Professional Honors

Named to The Best Lawyers in America for Privacy and Data Security Law (2023)

Professional Associations and Memberships

Infragard San Diego - Vice president
Cyber Law Symposium - Founder and chair
San Diego Cyber Council - Founder

Admissions

California~United States
U.S. Supreme Court

Education

University of San Diego School of Law (J.D., magna cum laude) (2005)
University of San Diego (B.A.) (1999)

Publications

Co-author, “AI Innovation in California Prevails: California Governor Nixes Major AI Legislation,” Connect on Tech, October 2024
Co-author, “Minding Your Data: New Law Expands CCPA’s Sensitive Personal Information to Include Neural Data,” Connect on Tech, October 2024
Co-author, “United States: SolarWinds Landmark Ruling – Amid Defense Victories, Questions Remain on Individual Liability and Material Misstatements of Fact,” Connect on Tech, 24 July 2024
Co-author, “Cyber Transparency, Risk & Sanctions: How Cyber Incidents Give Rise to Export Control Issues,” Connect on Tech, 24 May 2024
Co-author, "Kentucky is Off to the Races: Bluegrass State is 15th to Pass Comprehensive Privacy Law," Connect on Tech, 10 April 2024
Co-author, "Mission Critical: CIRCIA’s Regulations and the Race to Secure Critical Infrastructure,” Connect on Tech, 4 April 2024
Co-author, "Cybercriminals Have Small Town, USA in Their Crosshairs: How to Fight Back,” The Hill, 15 February 2024
Co-author, “Living Free from the Sale of Personal Data: New Hampshire is the 14th US State to Pass Comprehensive Privacy Law,” Connect on Tech, 30 January 2024

Co-author, “Here, There and Everywhere: FTC Puts Location Data on the Enforcement Map for 2024,” Connect on Tech, 25 January 2024
Co-author, “Lucky 13: the Garden State Cultivates the Privacy Landscape,” Connect on Tech, 11 January 2024
Co-author, "The 2024 Baker McKenzie 'Top 10' Predictions on Global Data Privacy and Cybersecurity Risks,” 27 December 2023
Co-author, California’s CPPA moves into 2024 with an ambitious agenda on Cybersecurity Audits, Risk Assessments, and Automated Decision-Making Technology, Connect on Tech, 14 December 2023
Co-author, Data Privacy Program Guide: How to Build a Privacy Program that Inspires Trust, Ciso DRG Publishing, 2022
Quoted, "What to Do – And What Not to Do – In the Aftermath of a Cybersecurity Attack," The Wall Street Journal, December 2020
Quoted, "No Income and Number 88,000 In Line: This Is What It’s Like to Be Unemployed in America," USA Today, May 2020
Quoted, "New State Law Gives Californian’s More Rights When It Comes to Protecting Data Online," ABC News, July 2018
Quoted, "New Calif. Data Breach Law May Fall Short," Law360, October 2014
Quoted, "Calif. Smart-Meter Data Law Hints at Privacy Bills to Come," Law360, January 2014

Events

Co-presenter, “Global Rules of Engagement: Emerging Cyber Laws and Regulations," OneCon24 Conference, 16 October 2024
Co-presenter, “Finding Coverage in Supply Chain Attacks,” OneCon24 Conference, 16 October 2024
Co-presenter, “Sense and Sensitivity: Complying with California & US Laws Restricting Processing and Transfers of Sensitive Data,” 2024 California Privacy Law webinar series, 12 June 2024
Co-presenter, “North America Quarterly Privacy Webinar, US State Privacy Laws,” 29 May 2024
Co-presenter, “How Data Management Practices Can Help Meet The Challenges of a Fragmented Global Landscape,” 2024 ACC SF Bay Area Privacy Summit, 22 May 2024
Co-presenter, “Cyber Defenders: Guardians of Critical Infrastructure,” RSA, 74 May 2024
Co-hosted, “Cyber Readiness & Resilience: Around the World with Global Cybersecurity Regulations,” Cyber Law Roundtable, 24 April 2024
Co-presenter, “Operationalizing a Data Privacy and Governance Program That Inspires Trust,” InfraGard Workshop and Webinar, 17 April 2024
Presenter, "Accountable AI: The Responsible Governance of New Technology,” California Western Law Review & International Law Journal 2024 Spring Symposium, 26 March 2024
Presenter, “Virtual Roundtable 16: AI Governance: Building a Defensible & Responsible Program” Society of Information Management (SIM), 26 March 2024
Co-presenter, “SEC and Securities Litigation Spotlight on Cyber, AI, SPACs, and how to counter 'Short & Distort' Campaigns,” 36th Annual Roth Conference, 19 March 2024
Presenter, “Cyber Resilience in Today’s Complex Environment,” KMPG’s International Information Integrity Institute (i-4), 5 March 2024
Co-presenter, “Privacy Bytes - How Data Discovery is Key to AI Governance,” Exterro, 15 February 2024
Co-presenter, “Strategy and Risk in the Year of the Dragon: Data, Cyber and AI,” Baker McKenzie event, 6 February 2024
Co-presenter, “Our Top 10 Predictions on Global Data Privacy and Cybersecurity Risks, North America Privacy Webinar,” 25 January 2024
Presenter, “The Court of Public Opinion: Breach Response & Disclosure Obligations,” SentinelOne’s CyberLaw Forum, 18 January 2024
Co-presenter, “Handling CCPA Data Subject Requests,” 2024 California Privacy Law Webinar series, 11 January 2024
Speaker, "The Renaissance of Trust and Privacy: Making Everything, Everywhere Happen All at Once," Privacy Symposium Conference, April 2023
Speaker, "The Rules of Engagement: Emerging Cyber Laws and 'Reasonable Security,'" RSA Conference, April 2023
Panelist, "Cyber Fraud: FBI & San Diego Cyber Council Present on the Importance of Humans in Cybersecurity," 2022 Fraud Prevention and Ethics Symposium, July 2022
Panelist, "Impacts of Nation State Sponsored Cyber Attacks," WiE National Conference, May 2022
Panelist, "Navigating Privacy Opportunities and Challenges Globally" Cybersecurity, Privacy & Data Protection Retreat, Sub-Four Capital, May 2022
Panelist, "Data Retention & Deletion: Building and Operationalizing Policies into Your Privacy Program," IAPP Global Privacy Summit, April 2022
Presenter, "Governing Cyber Risk," WiE, April 2022
Presenter, "Wisdom of Insecurity: Managing 2022 Cyber Risk," Association of Corporate Counsel, April 2022
Presenter, "Cyber Industry," 2022 Customer + Corporate Symposium, Western Energy, February 2022
Presenter, "Wisdom of the Tiger: Governing Privacy & Security Risk," San Diego ISSA Chapter, February 2022
Panelist, "Cybersecurity & Fraud in 2022," Wells Fargo, February 2022
Panelist, "An Introduction to the Role of Governance in Privacy and Cybersecurity," DLA Cyber Law Roundtable, January 2022
Presenter, "The Current Ransomware Landscape: A Journey Through the Stars," Utah iSymposium CLE, October 2021
Panelist, "External vs. Insider Threat: Responding to a Cyber Attack Caused by an Authorized User," IAPP Privacy.Security.Risk Conference, October 2021
Panelist, "From CCPA to CPRA," Techno Security and Digital Forensics Conference, October 2021
Presenter, "Rising Cyber Crimes & Working from Home," Special FBI Briefing, August 2021
Panelist, "Mitigating Cyber Risk," Sheppard Mullin Cyber Law Roundtable, March 2021
Presenter, "Making Space for New Laws: 2021 Privacy & Security Laws for InfoSec Pros," San Diego ISSA Chapter, February 2021
Panelist, "Roundtable: Fostering and Strengthening Relationships 'Attorneys and Litigation Support'," International Legal Technology Association, November 2020
Speaker, "Implicit Bias and Diversity in the In-House Counsel Setting," California Lawyers Association Shelter in Place Institute, November 2020
Panelist, "360 Degrees of a Ransomware Attack: Decision Points in Defense, Response and Mitigation," Infragard San Diego, November 2020
Moderator/Panelist, "Protect the Privilege: Maintaining Attorney-Client & Work Product Privilege During a Cyber Incident," USD Cyber Law Risk & Policy Symposium, October 2020
Speaker, "2020 VIP Backstage Pass: Investigating Cyber Events & HR Matters During a Pandemic," County of Los Angeles, October 2020
Panelist, "Cybersecurity Workshop: 'Do's and Don'ts of Incident Response'," North West Academic Computing Consortium, October 2020
Recording Session, "Cybersecurity in the Age of Telemedicine – 'Lessons Learned'," National PACE Association, October 2020
Speaker, "Girl Scouts Cybersecurity Workshop Sessions 'Cybersecurity Investigations'," Girl Scouts of America synED, September 2020
Panelist, "Journey to the Cloud," InfoCgv for Legal Operators, September 2020
Speaker, "Virtual Lunch with Leaders 'Mentorship' Webinar," San Diego Paralegal Association, August 2020
Speaker, "Planning for a Safe Return to the Office in a Covid World," San Diego InfraGard Webinar, August 2020
SynEdPanelist, Data Governance for Legal Operators Webinar, August 2020
Speaker, "Cyber Instructors/Coaches Training: Wrap-Up National Collaborative Efforts," June 2020
Panelist, "Data Privacy & Security | The New Litigation and Regulation Battleground," June 2020
Speaker, "WITI OC Virtual Event: A Guardians of the Galaxy's approach to California’s Consumer Privacy Act (CCPA)," Women in Technology International, June 2020
Speaker, "Unique considerations in managing the risks of phishing and ransomware attack," Ernst & Young LLP, June 2020
Panelist, "PrivacyConnect San Diego: Expert Panel Session, Q&A," One Trust, May 2020
Speaker, "Reasonable Security and the CCPA," WSJ Pro Cybersecurity, May 2020
Speaker, "The COVID-19 Pandemic: Special FBI Briefing on Rising Cyber Crimes & Working from Home," Infragard San Diego, April 2020
Speaker, "'Vision: Preparing for CCPA' Speaking Presentation Timeslot," 2020 Techno Security & Digital Forensics Conference, March 2020
Speaker, "Get Smart 'Cyber-Intelligent Corporate Counsel Reduce Risks'," American Bar Association 2020 Corporate Counsel CLE Seminar, February 2020
Speaker, "VIP Backstage Pass "Ethical Issues in Responding to a Cyber Attack'," Association Corporate Counsel 2020 MCLE La-Law Pooza, January 2020
Speaker, "Center for Real Estate Cyber Security: What It Means for Commercial Real Estate," The Paul Merage School of Business, January 2020
Speaker, "Security is Mostly a Superstition 'Reasonable Security' Under the California Consumer Privacy Act," Wall Street Journal Cybersecurity Symposium, January 2020
Speaker, "New Technologies and the Potential Privacy & Responsibility Challenges They Present," SDSC’s Annual Winter Forum on Data, December 2019
Speaker, "GDPR and its implications," SDSC’s Annual Winter Forum on Data, December 2019
Panelist, "Risk Management Considerations," Cybercon 2019 Conference, November 2019
Moderator, "'Reasonable Security' Under the California Consumer Privacy Act," USD 2nd Annual Cyber Law Risk and Policy Symposium, November 2019 • Speaker, "Cyber Security Discussion," Coronado Rotary Club, October 2019
Panelist, "CISO Coalition: California Consumer Privacy Act (CCPA) Discussions," Gartner, October 2019
Speaker, Happy Hour with Your Labor Lawyer, October 2019
Panelist, Workplace 2020: "20/20 Vision in the Workplace," SDEAC, October 2019
Speaker, "CCPA’s Legislative Updates & Amendments," Sheppard Mullin’s Cyber Law Roundtable webinar, October 2019
Panelist, "Breakfast Panel Discussion: Automation & Compliance," PwC, September 2019
Speaker, "Implications of the California Consumer Privacy Act and the Rapidly Changing Legal Precedents on Corporate Security," June 2019
Speaker, "CCPA with ESET," Tech San Diego’s Cybersecurity Summit, June 2019
Speaker, "CCPA & GDPR," OneTrust PrivacyConnect Roadshow, June 2019
Speaker, "Cyber Law Roundtable – CCPA and The Three Questions," Sheppard Mullin’s Cyber Law Roundtable webinar, April 2019
Panelist, "Tribes Are Prime Targets: Threats and Solutions for Cybersecurity & Criminal Activity," Native American Finance Officers Association, April 2019
Speaker, "Collection of Ephemeral Messaging, Social Media & Other Emerging Media," 2019 Techno Security & Digital: Impermanence in Forensics & eDiscovery, March 2019
Speaker, Southern California Tribal CFO Roundtable on the California Consumer Protection Act, March 2019
Speaker, "Warrior One: Yoga & Meditation for Legal Professionals," Life & Law, January 2019
Speaker, "Lost in Space: Navigating “Reasonable Security," ISACA's San Diego Chapter, January 2019