areas of expertise
Widely considered one of the country’s top privacy and data security lawyers, Tanya Forsheit has advised on high-profile matters involving confidential data and other sensitive information for over 20 years.
Ms. Forsheit is Chair of the Privacy & Data Security Group, and a partner in the Technology & Digital Media, Litigation, and Advertising, Marketing & Public Relations groups. She has advised on high-profile matters involving confidential data and other sensitive information for over 20 years. She represents multinational and emerging companies in the media, entertainment, consumer products, technology, advertising, health and wellness, and professional services industries, and serves as go-to outside privacy counsel for numerous organizations. She advises on the protection, processing and monetization of data, including matters related to interest-based advertising, privacy policies, mobile apps, cloud computing, smart devices, and data analytics. She has advised on hundreds of information technology deals and transactions on behalf of both service providers and enterprise purchasers, including multilayered AdTech and cloud computing agreements. She is routinely called upon to help clients respond to time-sensitive security events and has advised on hundreds of such incidents. She has assisted dozens of organizations with successful application for EU-US Privacy Shield certification, and is working with numerous multinational clients to prepare for unprecedented changes to privacy practices and programs required by the EU General Data Protection Regulation. In January 2018, she was named by the Daily Journal as one of the top 20 Cyber attorneys in California, and was one of three finalists for the Los Angeles Business Journal's Cybersecurity Lawyer of the Year recognition in 2017. She is currently an Adjunct Professor at Loyola Law School, where she is teaching EU Cybersecurity & Data Privacy Law in the Spring of 2018.
Her representative matters include:
- Advised on hundreds of information technology deals and transactions on behalf of both service providers and enterprise purchasers, including due diligence for, and negotiation and drafting of terms for, cloud computing agreements involving the sharing of sensitive information and other IT outsourcing transactions;
- Counseled hundreds of clients on implementation of programs, policies and procedures for purposes of complying with applicable laws and best practices, including but not limited to international laws such as the forthcoming European General Data Protection Regulation (GDPR); federal laws like the Telephone Consumer Protection Act, the CAN-SPAM Act, the Children’s Online Privacy Protection Act (COPPA), and the Gramm-Leach-Bliley Act (GLBA); and state laws including California’s Online Privacy Protection Act (CalOPPA) and Shine the Light law and Massachusetts’ data security regulations;
- Represented clients across industry sectors in connection with more than 100 data security breaches involving consumer data, employee information and other sensitive information;
- Drafted and updated several hundred privacy policies for websites, mobile apps and smart devices, including wearable technology;
- Assisted dozens of organizations on application for EU-US Privacy Shield certification;
- Represented nearly a dozen clients in litigating and/or resolving disputes under the Telephone Consumer Protection Act, including successfully defeating class certification in December 2015 on behalf of a healthcare technology company in a privacy class action in which plaintiffs sought recovery of more than $40 million for alleged unlawful transmission of faxes relating to HIPAA compliance.
Chambers USA, IT Law Experts, Who’s Who Legal, and Super Lawyers have all praised Ms. Forsheit for her privacy, data security and technology work, and the Los Angeles Daily Journal has twice included her in its list of "Top Women Lawyers." Ms. Forsheit lectures widely on technology law topics and has been quoted on privacy and data security in publications such as the Los Angeles Times, Forbes, ComputerWorld, Venture Beat, and Law360.
The International Association of Privacy Professionals (IAPP) has certified Ms. Forsheit as both an Information Privacy Professional (CIPP/US) and Privacy Technologist (CIPT). She sits on the Advisory Council of the Center for Democracy & Technology (CDT). Ms. Forsheit is a past President of the Women Lawyers Association of Los Angeles; and is a member of the American Bar Association: Science and Technology Law Section; the Los Angeles County Bar Association: Entertainment Law and Intellectual Property Section (ELIPS), Executive Committee; and the California Bar: Business Law Section, Cyberspace Committee.
Prior to joining Frankfurt Kurnit, she was a partner with BakerHostetler, and a founding partner of InfoLawGroup LLP, one of the nation’s leading privacy and data security boutiques.
awards & recognition
Chambers USA America's Leading Lawyers for Business (Privacy & Data Security)
IT Law Experts
Who’s Who Legal - Telecommunications Media & Technology - Information Technology
Super Lawyers - Top Rated Business Litigation Attorney in Los Angeles, CA
Los Angeles Daily Journal "Top Women Litigators"
Daily Journal - Top 20 Cyber Attorneys in California
Duke University (AB, cum laude, 1994)
University of Pennsylvania Law School (JD, 1997)
Upcoming Speaking Engagements
Past Speaking Engagements
Navigating the New Data Privacy Paradigm
November 7 2018
“I am a Lawyer: How Can I Advise on Data Security?”
Tanya Forsheit presents "I am a Lawyer: How Can I Advise on Data Security" at the International Association of Privacy Professional’s Privacy, Security, Risk 2018 program on October 19th in Austin. More information can be found here.
October 19 2018
New California Privacy Law: Key Compliance Challenges and Guidance for Corporate Counsel
September 26 2018
Cloud, Big Data and Artificial Intelligence
Tanya Forsheit speaks on the Practicum panel during the Cloud, Big Data and Artificial Intelligence CLE at Davis Wright Tremaine in Seattle.
June 6 2018
Los Angeles KnowledgeNet Chapter
Tanya Forsheit speaks at the Los Angeles KnowledgeNet Chapter meeting on The General Data Protection Regulation (GDPR) which goes into effect on May 25th. Daniel M. Goldberg is a chair of the local KnowledgeNet Chapter and the moderator for the event.
May 8 2018
Tanya Forsheit at the IAPP Global Privacy Summit 2018
Tanya Forsheit is on the panel “I’m a Lawyer: How Can I Advise on Data Security Issues?” at the International Association of Privacy Professionals Global Privacy Summit in Washington, DC.
March 28 2018
Tanya Forsheit at the IAPP Global Privacy Summit 2018
Tanya Forsheit presents “Can I have a Do-Over? The Top 10 Greatest PR #Fails in Data Breach Response at the International Association of Privacy Professionals Global Privacy Summit in Washington, DC.
March 27 2018
The National Conference on Class Actions – Recent Developments in Quebec, Canada and the U.S. (2018)
March 22 2018
Association of Corporate Counsel: Privacy and Data Security Event
Tanya Forsheit presents on privacy and data security for the Association of Corporate Counsel.
November 2 2017
IAPP: Privacy Security Risk 2017
Tanya Forsheit speaks at IAPP's Privacy Security Risk Conference on "Don't Panic! The Hitchhikers Last Minute Guide to the GDPR Galaxy', 'I'm a Lawyer: How Can I Advise on Data Security Issues?', and 'Women Leading Privacy and Security.' The firm sponsors the event. For more information click here.
October 17 2017
PLI: Think Like a Lawyer, Talk Like a Geek 2017: Get Fluent in Technology
September 14 2017
CLA: Online Privacy Rights
July 18 2017
Working Within the Shades of Gray: Frankfurt Kurnit’s Second Annual Advertising Law Summit
Legal questions confronting in house marketing lawyers rarely elicit simple "yes" or "no" answers. (If only they did!) More often than not — to the consternation of clients working on tight deadlines — the answer is "maybe" or "it depends" or "there's a risk." How do you help your marketing clients evaluate the risks and weigh them against potential rewards?
June 8 2017
2017 Cloud, Big Data, and Artificial Intelligence Conference
May 23 2017
Cloud Computing 2017: Key Issues and Practical Guidance
May 22 2017
Cloud Computing 2017: Key Issues and Practical Guidance
Once again, Tanya Forsheit chairs the yearly Cloud Computing: Key Issues and Practical Guidance for the Practising Law Institute (PLI). Ron Minkoff present the ethics portion in the New York seminar. For more informstion or to register, please click here
May 1 2017
ANA Law and Public Policy Conference
Terri Seligman and Tanya Forsheit present "Marketing in Augmented Reality: Pokémon Go and Treasure Hunts in The Digital Age" and Rick Kurnit participates once again on the "Tweeting With Words" panel at the 2017 ANA Advertising Law & Public Policy Conference.
March 28 2017
Traversing the Challenges of e-Commerce Litigation in Federal Court
Tanya Forsheit speaks at "Traversing the Challenges of e-Commerce Litigation in Federal Court" for The Rutter Group.
March 14 2017
The Global Legal Challenges of Privacy & Data Security
February 7 2017
Social Media 2017: Addressing Corporate Risks
February 2 2017
LA Daily Journal’s Cyber Boot Camp
January 12 2017
news & press
Data Liability Adds to Agency Stress
Marketers Push Agencies to Shoulder More Liability for Data Breaches
Thirty-nine Frankfurt Kurnit Attorneys Named in Super Lawyers Magazine for 2018
Super Lawyers magazine lists thirty-nine Frankfurt Kurnit attorneys in its 2018 edition.
Staying Current – Laserfiche GC Wylie Strout Keeps Contracts and Policies up to Date in A Changing Landscape
Wylie Strout mentions Tanya Forsheit and Frankfurt Kurnit as outside counsel to Laserfiche in an interview with the Daily Journal. Frankfurt Kurnit provides privacy regulatory advice. (Behind paywall)
Privacy is Dead, Long Live Privacy
CIO Dive quotes Tanya Forsheit on how treating data like currency can incentivize organizations to reassess how they collect and use data in light of Europe’s General Data Protection Regulation (GDPR).
Are You Ready for the New York Cybersecurity Regulations’ September 3rd Deadline?
Financial institutions and insurance companies operating in New York have until September 3, 2018 to comply with the next phase of New York's Cybersecurity Regulations. Here's what you need to know to avoid regulatory scrutiny.
GDPR Data Breach Notification Requirements
The National Law Review interviews Tanya Forsheit about the European Union’s General Data Protection Regulation (GDPR) that went into effect May 25. Ms. Forsheit explains the GDPR requirements and how companies need to comply with them.
New California Privacy Law Calls for Significant Changes
On the heels of the European General Data Protection Regulation (GDPR), California has now passed a digital privacy law that gives consumers more control over their personal information online.
Many US Companies Unprepared for New European Consent Rules
The LA Daily Journal quoted Tanya Forsheit on the European General Data Protection Regulation that rolled out on May 25. Ms. Forsheit notes the GDPR is a result of the growth of social media, data and high-profile breaches. (Behind paywall)
Frankfurt Kurnit in Chambers 2018
For the fourteenth consecutive year Chambers USA America's Leading Lawyers for Business recognized Frankfurt Kurnit. Chambers USA ranked us for our: Advertising, Media & Entertainment and Intellectual Property practices.
The GDPR’s Data Subject Rights and Why They Matter
The Cyber Security Law Report published Tanya Forsheit’s article “The GDPR’s Data Subject Rights and Why They Matter” which discusses the General Data Protection Regulation rights in Europe and the United States. (Behind paywall)
Data Security and Data Breaches: What’s A Lawyer To Do?
How GDPR Could Weaken, Not Strengthen, the Duopoly
Tanya Forsheit in the Daily Journal
The Daily Journal features Tanya Forsheit as one of the Top Cyber Lawyers 2018. The feature highlights Ms. Forsheit’s professional background as an attorney in the privacy and data security sector.
The Association of Corporate Counsel - Winter 2017 Newsletter
The Association of Corporate Counsel published Tanya Forsheit, S. Gregory Boyd, and Daniel Goldberg’s alert, Privacy Shield: Year One Updates You Need To Know, in the Focus on the New York City Chapter – Winter 2017 Newsletter.
FTC May Revisit Order Against Sears In Privacy Case
LACBA Trustees Adopt Policy Allowing Press to Electronically Record Board Meetings with Warning Sign
Google and Facebook: EU’s Draft ePrivacy Regulation Passes Committee and Parliament Vote
Privacy Shield: Year One Updates You Need To Know
This month we're celebrating Privacy Shield's first birthday with an update on everything Privacy Shield. There have been a number of developments on the Privacy Shield-front that companies certified or seeking self-certification under Privacy Shield need to know.
Third State Adopts Biometric Privacy Law
On June 1, 2017, Washington State joined Illinois and Texas as the third state to pass a biometric privacy law. The law, H.B. 1493, which goes into effect July 23, 2017, covers any business entity that collects biometric identifiers for commercial purposes.
A Big Phone Bill: Dish Network Telemarketing Violation Verdicts Total Approximately $341 Million
In a cautionary tale for marketers, two courts recently found satellite TV provider Dish Network ("Dish") liable for repeated and willful violations of federal and state telemarketing laws.
Frankfurt Kurnit in Chambers 2017
For the thirteenth consecutive year Chambers USA America's Leading Lawyers for Business recognized Frankfurt Kurnit. Chambers USA ranked us for our: Advertising: Transactional & Regulatory, Intellectual Property: Trade Mark & Copyright, Media & Entertainment: Entertainment Litigation, and Media & Entertainment: Film, Music, Television & Theater work.
Start Your Engines: We Have to Deal With GDPR, What Now?
Back in January, we posted about the circumstances in which your company, even if based in the US, must comply with the EU General Data Protection Regulation (GDPR), taking effect in May 2018. Here we will provide a high level checklist to help you start down the path of GDPR readiness.
Tanya Forsheit and Daniel Goldberg in the ISSA Journal April 2017
Tanya Forsheit and Daniel Goldberg's article, "Every Move You Make, I’ll Be Watching You Watching Me Watching You" is featured in the April 2017 edition of the Information Systems Security Association Journal.
Tanya Forsheit in the LA Daily Journal
New Privacy and Data Security Blog
Looking for an easy way to keep up with the rapid-fire changes in Privacy and Data Security law? Introducing Focus on the Data — Frankfurt Kurnit's weekly insights and practical guidance on privacy and data security issues.
More Complex Privacy Rules Expected in 2017
The Los Angeles Daily Journal quoted Tanya Forsheit on changes in international privacy and data security rules. Among other things, Ms. Forsheit noted that “many companies are still going through the process of getting approved under the new [Privacy Shield] rules.” Read more. (Behind paywall.)
FTC Hits Targeting Platform Turn Inc. for Deceptive Online Tracking
On Tuesday, December 20, the FTC announced a settlement with digital marketing platform Turn Inc. over claims that the company deceptively tracked users across the Internet for advertising purposes.
Data Breach Harm Standard May Head to SCOTUS in ‘17
FCC Adopts Broadband Consumer Privacy Rules
On October 27, 2016, the Federal Communications Commission (FCC) adopted an Order requiring broadband Internet service providers and all other telecommunications carriers providing telecommunications services to take greater steps to protect the privacy of their customers, including current and former subscribers and new applicants. Here's a summary of the key obligations imposed on carriers:
Latest on the FTC Data Security Front
FTC Issues Guide on How to Respond to a Data Breach, and Eleventh Circuit Questions the FTC's Interpretation of Its Section 5 Authority But Does NOT Alter the Unfairness Standard in Data Security Matters.
EU-U.S. Privacy Shield passes: Now What?
The New “Privacy Shield”: What Does it Mean for Your Company?
This week brought important news for any company that transfers across borders, or receives cross-border transfers of, consumer or employee personally identifying data (very broadly defined).
Tanya Forsheit in US Official News
Tanya Forsheit in Forever Duke Magazine
Tanya Forsheit in IAPP Daily Dashboard
Frankfurt Kurnit Adds Tanya Forsheit as Privacy and Data Security Group Co-Chair
Los Angeles, CA — Frankfurt Kurnit Klein + Selz PC has added Tanya Forsheit as partner and co-chair of the firm’s Privacy and Data Security Group effective July 5, 2016.
Frankfurt Kurnit in Chambers 2016
For the twelfth consecutive year Chambers USA America's Leading Lawyers for Business recognized Frankfurt Kurnit. Chambers USA ranked us for our: Advertising: Transactional & Regulatory, Intellectual Property: Trade Mark & Copyright, Media & Entertainment: Entertainment Litigation, and Media & Entertainment: Film, Music, Television & Theater work.