Marshall assists clients in managing all aspects of privacy and cybersecurity, including advising on compliance with federal, state and international privacy laws, with a particular focus on the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Utah Consumer Privacy Act (UCPA), Connecticut Data Privacy Act (CTDPA) and the EU General Data Protection Regulation (GDPR). He helps clients develop compliant privacy programs, including notices, policies, rights request response processes and vendor contracts and templates.

Marshall also advises on cybersecurity incident response and preparedness activities, including analyzing US state and federal and non-US breach laws, and FTC and other enforcement for purposes of risk assessments.

Marshall holds the CIPP/US and CIPM credentials as a Certified Information Privacy Professional by the International Association of Privacy Professionals (IAPP).

In addition, Marshall maintains an active pro bono practice and has assisted a number of clients in asylum cases.

Marshall’s collaborative approach to counseling clients is informed by experience handling complex commercial litigation and regulatory matters.

Relevant Experience

• Advises clients on compliance with US, EU and international privacy laws and regulations.
• Advises clients on the requirements of and compliance with the CCPA, CPRA, VCDPA, CPA, UCPA, CTDPA and GDPR.
• Advises clients on compliance with FTC data privacy guidance.
• Drafts and negotiates privacy and data security provisions for commercial contracts.
• Advises clients with regard to privacy policies, notices and terms of use documents addressing data collection and processing issues.
• Conducts privacy and data security-related due diligence relating to contemplated acquisitions and other corporate actions.
• Assists with notifications to regulators and remedial measures to satisfy legal obligations.

Education
BA, University of Pennsylvania, Economics, summa cum laude, 2002

• What To Know About State-Level Health Data Privacy Laws, Law360
• 2023 Retail Industry Year in Review