Faith is the Chair of the Firm’s Privacy and Data Security Practice Group and a Certified Information Privacy Professional/United States (CIPP/US). She is a creative, dynamic, and pragmatic problem solver who loves helping clients mitigate business risk and find practical solutions to legal challenges.
Faith counsels clients on compliance with the myriad and rapidly evolving privacy laws, including state, federal, and international laws, such as BIPA, CAN-SPAM, COPPA, FCRA, FERPA, FTC ACT, GLBA, HIPAA, TCPA, the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA) , the Colorado Privacy Act (CPA), the Utah Consumer Privacy Act (UCPA), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTDPA), the Massachusetts data protection regulations (201 CMR 17), the New York SHIELD Act, and the General Data Protection Regulation (GDPR), and international data transfer mechanisms (including the “standard contractual clauses” issued by the European Commission and the international data transfer agreement and addendum issued by the UK Information Commissioner’s Office).
Faith also negotiates commercial agreements involving privacy and data security, including data processing and data sharing agreements; develops privacy and security policies and information management best practices; advises on incident and breach response; and handles privacy risk allocation and due diligence in the context of M&A and investment transactions. Faith provides guidance on regulatory matters and defended the first online behavioral advertising case brought by the Federal Trade Commission against an online network advertiser. In addition to her privacy expertise, Faith’s transactional practice focuses on the structuring, drafting, and negotiation of agreements surrounding the development and commercialization of technology and other intellectual property assets, including acquisition, distribution, strategic alliance, software as a service, and enterprise licensing agreements, as well as EULAs and terms of use.
Faith advises clients at all stages of growth, from private small-to-medium enterprises to large publicly-traded companies, and across a broad range of industry verticals that include software and e-commerce; marketing/advertising, financial, and healthcare technology; education; professional services; clinical trials and research; digital games; life sciences; and the arts.
Prior to joining the Firm, Faith was assistant college counsel to Emerson College, providing services to the College and to its Majestic Theater, and was an associate in the Washington, D.C. office of Covington & Burling, practicing in the intellectual property, technology, and communications areas. Following law school, she clerked for the Honorable Gerald Bard Tjoflat, Circuit Judge for the US Court of Appeals (Eleventh Circuit).
Affiliations
Speaking Engagements
Speaker, Introduction to Privacy Law for Aging Life Care Professionals, Aging Life Care Association
Video: Privacy and Data Security Issues for Service Recipients and Service Providers
Video: Understanding the Children’s Online Privacy Protection Act
Video: The Importance of Developing an Accurate Privacy Policy
Video: Privacy in M&A Transactions
Presenter, Lunch and Learn: Data Privacy and Security, Scroobious
Presenter, 2021 Privacy & Cybersecurity Conference, Future-Proofing Privacy Compliance, Boston Bar Association
Presenter, Pragmatic Advice for Addressing the Unique Challenges Raised by The Data Protection Landscape, New England Corporate Counsel Association, Inc.
Presenter, Operationalizing Standard Contractual Clauses, Morse and Privacy Ref
Presenter, Operationalizing Emerging US Privacy Laws, Privacy+Security Academy
Presenter, Privacy Online: How to Apply the Myriad Laws to Your Client’s Business, MCLE
Presenter, Privacy Round Table, Privacy Ref Webinar
Presenter, Confronting Privacy Fears: Practical Approaches to Challenges in the U.S. and EU, Morse and Hewitsons
Presenter (Privacy and Data Security), Head into the Clouds: What Every Lawyer Needs to Know About Purchasing – and Selling – Cloud Services, New England Corporate Counsel Association, Inc.
Presenter, Emerging Issues in M&A: Enhancing Data Privacy and Security in 2015, The Knowledge Group/The Knowledge Congress Live Webcast Series
Presenter, 16th Annual Intellectual Property Law Conference, FTC Privacy Law Update, MCLE
Presenter, 15th Annual Intellectual Property Law Conference, Privacy Update, MCLE
Presenter, 14th Annual Intellectual Property Law Conference, Privacy Update, MCLE
Publications
European Commission Approves EU-U.S. Data Privacy Framework
Top 10 Tips for Developing a Privacy Notice
Upcoming UK and EU Data Transfer Deadlines
Quoted: ZoomInfo: Company Sold Personal Phone Numbers of EU Citizens Without Consent After Saying It Does Not Sell Personal Data; Practice Likely Violates GDPR, According to Experts, and Undermines Company’s Lawful Basis for Operating in EU, The Capitol Forum
Quoted: ZoomInfo: Personal Data Gathered Using Community Edition Sold in Recruiter Platform, According to Former Employees; Practice Would Make Company Subject to Emerging State Privacy Laws, The Capitol Forum
CCPA Compliance – Required Updates to Privacy Policies
European Commission Adopts New Standard Contractual Clauses for Data Transfers
Virginia Follows California Lead on Data Protection—With Narrower Scope
The First Step in Developing a GDPR Compliance Strategy: Assess Your EU Personal Data Flows
4 SCARY Facts about the New European Union General Data Protection Regulation
Quoted: Burger King’s Google-Triggering Ad Invites Complaints, Scrutiny, Bloomberg
6 SCARY Privacy and Data Security Facts and Recent Developments
High-Level Points Regarding the U.S. Privacy and Data Security Landscape
M&A Privacy and Compliance with Applicable Privacy Laws and Sharing of Customer Information
Outside the office
Faith holds a degree in vocal performance from New England Conservatory of Music and continues to perform in cabaret settings. She is passionate about exercise and vegan pastry.
News & Events
News
-
2019-2023 M&A Deals
Mergers & Acquisitions: A Transaction Recap
February 21, 2024 -
Morse Women Attorneys Webinar Series
November 8, 2023 -
M&A News: Morse Client Garvin Construction Products in Acquisition by Beacon
October 5, 2023 -
Kevin Olson Earns IAPP Certified Information Privacy Technologist Credentials
September 11, 2023 -
Client Alert: European Commission Approves EU-U.S. Data Privacy Framework
July 17, 2023
Events
-
Building Resilient Biotechnology Research in the Shadow of The Biosecure Act
March 28, 2024 -
WEBINAR: True or False – Do you know your core privacy principles?
February 9, 2023 -
WEBINAR: Operationalizing Standard Contractual Clauses
August 26, 2021 -
Confronting Privacy Fears: Practical Approaches to Challenges in the U.S. and EU
October 24, 2019
Education
- Duke University, J.D., magna cum laude (managing editor of Duke Law Journal); M.A. in English
- New England Conservatory of Music, B.M., with academic honors, (vocal performance)
- Tufts University, B.A., summa cum laude
Admissions
- Massachusetts Bar
- District of Columbia
Practice Areas
- Copyright
- Intellectual Property
- Licensing & Strategic Alliances
- Mergers & Acquisitions
- Privacy & Data Security
- Startups & Emerging Companies
- Trademark
Industries
- Consumer Goods & Services
- Educational Institutions & Hospitals
- FinTech
- HealthTech
- Internet of Things
- Life Sciences
- Media & Entertainment
- Medical Devices
- Publishing
- Software-as-a-Service
Recognition
- 2022 Go To Lawyer for Cybersecurity and Data Privacy – Massachusetts Lawyers Weekly
- Top Women of Law for 2020 – Massachusetts Lawyers Weekly