Lead CDT’s policy advocacy and strategy and manage policy teams. Testified before Congress on privacy, AI, and cybersecurity issues; regularly speak with the media and at conferences on tech policy issues; and represent CDT in meetings with the Administration, Congress, regulatory agencies, and industry. Key areas of focus include free expression, content moderation, and platform regulation; artificial intelligence and algorithmic decision-making; privacy and data; government surveillance; equity in civic technology; cybersecurity; and elections.

Regularly advised clients across multiple industries on cyber risk mitigation, data breach response, global privacy compliance and regulation, national security and law enforcement matters, and issues affecting emerging technologies such as artificial intelligence and the Internet of Things (IoT). Represented clients in technology-related government investigations, litigation, and regulatory proceedings.• Cybersecurity risk management—Counseled clients, including Boards and executives, on mitigation of cyber risks, including assessment of the threat landscape and key risks, setting up appropriate governance processes, regulatory compliance, and development of incident response plans. • Data breach response—Represented clients that have been victims of data breaches and other cyber attacks, including direction of forensic investigations, communications and crisis management, compliance with notice and other regulatory obligations, and representation in government investigations.• Privacy regulation and compliance—Counseled clients on compliance with domestic and international privacy laws, cross-border data transfers, data localization, application of sector-specific privacy laws in areas such as healthcare and the financial industry, migration of data to cloud services, and regulatory and policy developments concerning emerging technologies.• National security and law enforcement—Assisted clients on national security and law enforcement issues such as government policies and regulations concerning security of 5G telecommunications networks, sanctions and export controls, and implications of the CLOUD Act and other legislation.

Led the team responsible for threat and incident response, cyber operations, international engagement, and technology policy issues such as encryption. Advised the National Security Advisor and Assistant to the President for Homeland Security, wrote decision memoranda for the President and for Principals and Deputies, and coordinated interagency development and implementation of cyber policy. • Key architect of the Presidential Policy Directive on United States Cyber Incident Coordination, which defines how the government responds to significant cyber incidents. • Chaired interagency group that engaged in legal and policy review of proposed cyber operations and campaign plans to respond to malicious cyber activity of nation-state and non-state actors. • Managed campaign to gain acceptance by over 30 countries of U.S.-proposed international cyber norms for state behavior, regularly worked with international counterparts on law enforcement cooperation and other cyber issues, and led interagency delegation to India for annual cyber dialogue. • Coordinated development of policy in areas such as defense of critical infrastructure sectors including communications, financial services, healthcare, energy, and electoral infrastructure; privacy and electronic surveillance legislation; and encryption.

Served as principal advisor to Deputy Attorney General and other department leadership on cybersecurity cases, investigations, and policy, led development of DOJ positions on cyber and communications issues, coordinated with FBI, and represented DOJ in White House interagency cyber policy and incident response committees. Played a key role in developing the Executive Order on sanctions for engaging in malicious cyber-enabled activities. Represented DOJ in negotiations resulting in historic 5-point cyber agreement between United States and China, including commitment not to engage in intellectual property theft for commercial gain. Coordinated development of cyber and technology policy on issues such as modernization of Computer Fraud and Abuse Act and the Electronic Communications Privacy Act and standards for law enforcement use of “cell site simulators.” Oversaw “Team Telecom” evaluation of national security risks posed by license applications to provide communications services.

Partner in Communications, Privacy, & Internet Law and Defense & National Security practice groups. Practice involved regulatory and policy work, litigation, and counseling on privacy and data security, national security, communications, and Internet law issues for companies in the communications, Internet and information technology, defense, media, and financial services sectors. • Nationally recognized expert who played key role in landmark cases establishing that Internet service providers and other online platforms are generally shielded from liability for unlawful content originated by third parties under Section 230 of the Communications Decency Act. • Litigated and advised clients in connection with privacy issues arising from geolocation data, targeted advertising, mobile devices and applications, cloud-based services, and use of big data. • Extensive litigation and counseling in connection with the Wiretap Act, the Electronic Communications Privacy Act, the Foreign Intelligence Surveillance Act, and related federal and state statutes. • Assisted clients with responses to data breaches and other security incidents, legal restrictions on countermeasures to cyber attacks such as the Computer Fraud and Abuse Act, and development of security policies and procedures. • Led teams handling investigations before the FTC and state Attorneys General on subjects such as software security, online advertising, and public release of customer search query data. • Represented major communications companies before the FCC and state regulatory commissions on high-stakes regulatory and policy matters such as net neutrality, wireless spectrum auctions, competition in telecommunications and broadband markets, satellite licensing, universal service, and consumer protection issues. Handled numerous appeals in the D.C. Circuit and other federal courts arising from regulatory orders.