Christine E. Lyon

Christine E. Lyon


University of Iowa (B.A., 1996)
Stanford Law School (J.D., 1999)

Bar Admissions


Christine Lyon helps companies develop privacy and data protection strategies for new products and services, as well as privacy compliance programs for their customer and employee data. A trusted advisor, Chris works collaboratively with her clients to develop practical approaches that leverage data while complying with evolving global privacy and data protection laws.

Based in Silicon Valley, Chris’ clients span various industries for which data are vital to operations or business models, including technology service providers, hardware and software companies, pharmaceutical and biotechnology companies, and consumer product manufacturers. She has extensive experience navigating privacy risks from design through production and beyond, regularly counseling startups and large multinationals alike throughout the lifespans of their products and services. Chris has particular expertise advising technology companies on building privacy protections into cutting-edge offerings including connected products and services (Internet of Things), artificial intelligence (AI) and data analytics, and cloud-based services, as well as on managing the related “Big Data” implications. She also frequently conducts privacy assessments of new products and services and helps clients structure and negotiate the privacy aspects of M&A and other strategic transactions to both achieve compliance and manage data risks.

By addressing emerging data protection laws, including the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), Chris helps clients achieve efficiency and cross-jurisdictional coordination in their privacy programs. Chris also has experience implementing a variety of mechanisms to facilitate international data flows and transfers, including EU Binding Corporate Rules, Privacy Shield certification, and international data transfer agreements. She has coordinated projects spanning privacy law requirements in dozens of countries, consolidating this information into practical, actionable privacy programs for clients.

The Legal 500 US has recognized Chris as a “rising star” in the area of privacy and data protection and recommended her for cyber law, and she has received the Burton Award for Distinguished Legal Writing. She frequently writes and speaks on the topics of the intersection of privacy and technology.

Representative Matters

  • Working with multinational organizations to develop privacy compliance programs, including privacy-related terms for customer and vendor agreements, internal and external privacy and data protection policies, cross-border data transfer mechanisms (including EU binding corporate rules), and internal privacy governance frameworks and procedures.
  • Assisting device manufacturers in developing privacy policies and procedures for connected “smart home” appliances and related service offerings.
  • Advising data service providers on building privacy protections into new data-driven services, such as services offered for fraud prevention or targeted marketing purposes, taking into account global data protection requirements and privacy by design principles.

Email Disclaimer

Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

©1996-2019 Morrison & Foerster LLP. All rights reserved.