Lili Burns is an associate in Morrison Foerster’s Privacy + Data Security practice. Lili advises clients across industries on data protection best practices, complex regulatory enforcement actions, risk management strategies, national and international regulatory compliance, product development, transaction diligence, and incident response and preparedness matters.

Lili advises clients in a variety of industries on complex data privacy and cybersecurity issues related to local, global, and industry-specific legal frameworks, including 23 NYCRR 500 (Part 500), the Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), the California Consumer Protection Act (CCPA) and similar state laws, the General Data Protection Regulation (GDPR), the Biometric Information Privacy Act (BIPA), the Health Insurance Portability and Accountability Act (HIPAA), and the Children’s Online Privacy Protection Act (COPPA).

In particular, Lili has assisted clients in developing information security policies and procedures, negotiating data transfer and processing agreements, guiding regulatory strategy, advising on product development and design, and supporting corporate transactions. Lili has also advised clients regarding incident response strategy, data breaches investigations, and preparation of consumer and regulatory notifications.

Lili received her J.D. from Columbia Law School, where she was recognized as both a James Kent and Harlan Fiske Stone Scholar. Lili was also involved in the Columbia Science and Technology Law Review. Lili received her B.A. in English and comparative literature from Columbia University, where she graduated cum laude, with Honors in English.