Christine E. Lyon

Partner | Palo Alto | (650) 813-5770
(650) 813-5770

I help my clients develop privacy and data protection strategies, especially in cutting-edge technology offerings and developments.

Chris helps companies develop privacy and data protection strategies for new products and services, as well as privacy compliance programs for their customer and employee data. A trusted advisor, Chris works collaboratively with her clients to develop practical approaches that leverage data while complying with evolving global privacy and data protection laws.

Based in Silicon Valley, Chris’ clients span various industries for which data are vital to operations or business models, including technology service providers, hardware and software companies, pharmaceutical and biotechnology companies, and consumer product manufacturers. She has extensive experience navigating privacy risks from design through production and beyond, regularly counseling startups and large multinationals alike throughout the lifespans of their products and services. Chris has particularly extensive experience advising technology companies on building privacy protections into cutting-edge offerings including connected products and services (Internet of Things), artificial intelligence (AI) and data analytics, and cloud-based services, as well as on managing the related “Big Data” implications. She also frequently conducts privacy assessments of new products and services and helps clients structure and negotiate the privacy aspects of M&A and other strategic transactions to both achieve compliance and manage data risks.

By addressing emerging data protection laws, including the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), Chris helps clients achieve efficiency and cross-jurisdictional coordination in their privacy programs. She advises clients on workplace and employee privacy issues related to collection and handling of employee data. Chris also has experience implementing a variety of mechanisms to facilitate international data flows and transfers, including EU Binding Corporate Rules, Privacy Shield certification, and international data transfer agreements. She has coordinated projects spanning privacy law requirements in dozens of countries, consolidating this information into practical, actionable privacy programs for clients.

Chris frequently writes and speaks on the topics of the intersection of privacy and technology, and has won the Burton Award for Distinguished Legal Writing.

Show More


  • Developing privacy compliance programs, including privacy-related terms for customer and vendor agreements, internal and external privacy and data protection policies, cross-border data transfer mechanisms (including EU binding corporate rules), and internal privacy governance frameworks and procedures.

  • Assisting in developing privacy policies and procedures for connected “smart home” appliances and other consumer products, as well as industrial IoT devices, along with related service offerings.

  • Advising on building privacy protections into new data-driven services, including services leveraging AI and other cutting-edge data analytics, taking into account global data protection requirements and privacy by design principles.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.