Practical eDiscovery Insights from Norton Rose Fulbright's High Impact Cyber Incident Response

Sam Sessler is the Assistant Director of Global eDiscovry Services at Norton Rose Fullbright. Sam receives his BA in Computer Information Services from McMurry University.

Anna advises clients in the financial services, healthcare, insurance, and technology industries on data protection, privacy, cybersecurity, and governance issues. Anna's expertise encompasses the secure handling of confidential and personally identifiable information, as well as compliance with international, federal and state privacy regulations including GDPR, CCPA, HIPAA, CAN-SPAM and TCPA. She has worked closely with companies to build and mature privacy compliance programs, audit their privacy practices, conduct privacy impact assessments and map the use and processing of personal information.

Anna routinely works with clients on issues related to protecting data during transactions or reorganizations, such as M&A deals and drafting and negotiating tailored privacy and data security contract provisions. She has also advised companies on cross border data issues and the use of data transfer mechanisms.

Anna has significant experience working with clients to identify and remediate potential data security incidents. She works with clients and third parties to contain incidents and their effects, investigate their cause and impact, and deliver public and regulatory communications on behalf of clients. Anna also assists clients with all aspects of breach preparedness, including information security governance and risk management and counseling executives on cybersecurity matters.

Anna spent a year working in the Global Privacy Office of a multinational pharmaceutical company to assist with privacy and legal matters such as developing consent documents, creating internal data handling policies and procedures, and negotiating privacy and security terms with vendors. Prior to joining Norton Rose Fulbright, Anna served as Vice President of Global Privacy at JPMorgan Chase. Anna is a Certified Information Privacy Professional (CIPP/US) and is licensed to practice in New York.

David Kessler is the Head of Data and Information Risk, United States and is a thought leader on issues involving discovery, data privacy, records management, and cyber security.

David counsels clients on a range of data privacy matters focusing on compliance and cross border data transfers. David has provided advice regarding the Stored Communication Act (SCA), the Health Insurance Portability and Accountability Act (HIPAA), the Children's Online Privacy Protection Act (COPPA) and Family Educational Rights and Privacy Act (FERPA). He also provides advice to multinational clients regarding compliance with EU data protection and privacy laws including the General Data Protection Regulation (GDPR), where he works closely with his colleagues in the EU.

David acts as global discovery counsel for technology, finance, pharmaceutical and manufacturing companies where he helps them address litigation readiness, cross border discovery complications and acts as special discovery counsel in complex litigations. David focuses not only on tactical e-discovery issues in particular cases, but advises clients regarding strategic e-discovery portfolio management and data governance. For example, David has helped clients with emergency ex parte preservations orders; negotiations with opposing counsel regarding disaster recovery data; establishing that opponents had fabricated e-mails; and developed litigation readiness protocols

David has a particular focus on cross-border discovery. David was recently the counsel of record for an amicus brief before the United States Supreme Court in United States v. Microsoft addressing the importance of comity in cross border discovery. David has helped clients preserve, collect, process and transfer data from countries all over the world including, by way of example, Australia, Brazil, Canada, China, Germany, India, Italy, Nigeria, Japan, South Africa, Spain, Switzerland, and the United Kingdom. David is a contributor to and has been a faculty member for the Sedona Conference's (one of the world's leading e-discovery organizations) Work Group 6 on International Electronic Information Management, Discovery and Disclosure.

David is an adjunct professor at the University of Pennsylvania Law School where he teaches an advanced seminar on "E-Discovery."

David is a Certified Information Privacy Professional (CIPP/E) through the International Association of Privacy Professionals (IAPP).

As part of his information governance practice, David has advised clients on where and how to store and manage data globally as well as how to integrate record retention, data security and e-discovery into the fabric of their IT infrastructure. Beyond helping clients stand up information governance programs with policies and record retention schedules, David counsels clients on mobile device management, ephemeral data, disaster recovery and business continuity systems and the cloud. He also has represented clients in defensible data disposition projects and examining the contours of their own dark data.

As part of the firms cybersecurity team, David has represented clients both preparing for and responding to cyber incidents. He has drafted and revised incident response plans (IRPs), run table top exercises and helped clients select and contract with forensic and public relations vendors. David has advised clients about the scope of data breaches and the company's obligations to notify the appropriate authorities and the people affected by the breach. Finally, David has represented clients in investigations by the FTC into suspected incidents and the quality of the clients' preparations and response.

He received his B.A. with honors from the University of Florida and his J.D., summa cum laude, from the American University Washington College of Law

George Socha is responsible for increasing market awareness and adoption of Reveal’s platform globally. Additionally, George is tasked with guiding the product roadmap and consulting with Reveal customers on effective deployment of legal technology. In 2005, he co-founded the Electronic Discovery Reference Model (EDRM) whose frameworks and content have empowered a generation of legal professionals. He has worked for over three decades as a lawyer, advisor and court-approved expert.

George received his JD from Cornell Law School and his BA from the University of Wisconsin – Madison.