Privacy and Data Protection


Claire Lucy Readhead is an associate in the San Francisco office of Wilson Sonsini Goodrich & Rosati. Her practice focuses on strategic compliance counseling on a wide variety of privacy and data protection issues for preeminent technology, software, consumer product, educational, financial services, retail, biotechnology, pharmaceutical, and medical device companies. She also advises on privacy and data protection matters relating to mergers, acquisitions, and other corporate transactions. Claire provides counseling regarding regulatory inquiries, FTC order compliance, cyber intrusions, and data breach response and notification issues. In addition, she facilitates companies' privacy and data protection compliance regarding product design, mobile technologies, application development, media, and advertising. Claire is a Certified Information Privacy Professional (CIPP/US).

Prior to her legal career, Claire was a professional ballerina with the world-renowned National Ballet of Canada.

  • Seconded in-house to a large information security technology company, where Claire provided counseling on a range of complex privacy, compliance, regulatory, product, marketing, and data protection-related issues
  • Provided FTC order compliance counseling
  • Provided counseling to Target in responding to card brand inquiries stemming from the data security breach that Target announced in 2013
  • Provided counseling to TJX in responding to card brand inquiries stemming from the data security breach that TJX announced in 2007
  • Advised companies on compliance with privacy and data protection-related laws, rules, regulations, and industry standards, including CAN-SPAM, COPPA, FCRA, FERPA, GLBA, TCPA, VPPA, FTC- and SEC-issued guidance, self-regulatory matters, state privacy and breach notification laws, CalOPPA, SOPIPA, and California Attorney General-issued guidance
  • Conducted due diligence and negotiated representations, warranties, and covenants relating to privacy and data protection in connection with mergers, acquisitions, and other business transactions
  • Assisted clients regarding the mitigation of, and other responses relating to, data security breaches, including the coordination of nationwide notification to consumers, credit reporting agencies, and regulators
  • Counseled developers of platform software, mobile applications, and online services regarding privacy, data protection, and e-commerce issues
  • Prepared website privacy policies and terms of use for numerous clients
  • Advised educational technology company on various issues related to privacy of children, minors, and students
  • Drafted numerous information security policies, Red Flags Rule policies, PCI DSS policies, incident response plans, disaster recovery plans, compliance manuals, terms of service, and press releases
  • Advised companies on data security best practices, including compliance with FIPPs, ISO Standards, NIST Cybersecurity Framework, PCI DSS Standards, FTC- and SEC-issued guidance, and other regulatory guidance
  • J.D., UC Berkeley School of Law, 2011
  • B.A., English Literature, Cornell University, 2008
    Magna Cum Laude, With Distinction in All Subjects
  • Co-author, "Inside California's New Online Privacy Law for Minors," Law360, October 11, 2013
  • Co-author, "Update: California Governor Brown signs into law A.B. 370, 'do not track disclosure law,'" Lexology, September 30, 2013
  • Co-author, "Update: California Governor Brown signs into law S.B. 46, new notification requirements for data security breaches," Lexology, September 30, 2013
  • Co-author, "No Cookie for You: How COPPA Will Affect Your Company," Law360, August 5, 2013
  • Speaker, "Data Shift: Emerging Trends in Privacy & Cybersecurity Law," UC Berkeley School of Law, Berkeley, California, February 18, 2015
  • Speaker, "Social Media, Security, & Ethics," Santa Clara County Bar Association CLE Seminar, San Jose, California, December 8, 2014
  • Speaker, "Application Security," Chief Information Security Officer (CISO) Executive Forum, Palo Alto, California, December 2013
  • Speaker, "Digital Privacy, Promotional Advice, and Litigation," Oprah Winfrey Network, Los Angeles, California, October 2013
  • Speaker, "Children's Online Privacy Protection Act (COPPA) & the Media," Fandango, Los Angeles, California, August 2013
  • State Bar of California

Contact Information

One Market Plaza
Spear Tower, Suite 3300
San Francisco, CA 94105
Phone | 415-947-2033

Email | Claire Lucy

Areas of Expertise

Print to PDF