Kristen J. Mathews

Partner | New York | (212) 336-4038
(212) 336-4038

Kristen is a partner in our Global Privacy + Data Security Group. For more than 20 years, Kristen’s practice has focused on advising clients on the full spectrum of the most complex privacy and cybersecurity issues, including regulatory and compliance matters. An early leader in the privacy sphere, Kristen has developed comprehensive knowledge and long-term perspective, cultivated a client base across a broad range of industries, and established herself as one of the top lawyers in her field.

Legal 500 has recognized Kristen for her singular work, inducting her into its Hall of Fame in the category of Cyber Law. Since 2010, Chambers and Partners has also consistently ranked Kristen for her outstanding client service and extensive knowledge of the data privacy and cybersecurity space. In the words of her clients, “Kristen is a superb privacy lawyer. She was able to quickly identify all the potential challenges and then help us solve each one of them.” (Chambers USA 2021). She has been accredited by the International Association of Privacy Professionals (IAPP) as a certified information privacy professional (CIPP) since 2005.

Clients across the technology, financial, retail, consumer goods, health, insurance, media, education, auto, utilities, sports, and hospitality sectors seek Kristen’s counsel for their most complex privacy and cybersecurity matters. Kristen’s cybersecurity experience includes guiding clients on compliance with data privacy laws, such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA); protecting data in critical transactional matters, such as M&A deals and important commercial services agreements; and preventing, preparing for, and responding to cybersecurity breaches. She helps financial services and insurance businesses build and mature their cybersecurity programs, and she also provides counsel on direct marketing via text, voice, and e-mail and online, telematics, employee, and workplace privacy. During the COVID-19 pandemic, Kristen tracked state and federal laws and guidance in the United States regarding questions employers may ask employees about their physical symptoms and COVID-19 exposure, and regarding the use of face masks in the work place. She contributed to MoFo’s client-facing knowledge management database about these topics.

Prior to joining MoFo, Kristen led a group of 30 lawyers as head of the Privacy & Cybersecurity Group at another major global law firm.

A few examples of Kristen’s recent work include:

  • Assisted a global merchandise business in investigating, responding to, and defending claims brought in relation to a cybersecurity breach that affected a large volume of consumers and other businesses.
  • Assisted numerous consumer businesses in determining and implementing a practical plan of action to comply with the CCPA.
  • Assisted over 100 businesses in varying industries in becoming compliant with Europe’s GDPR.

Kristen continues to be at the forefront of developments in privacy and cybersecurity as ever-changing issues affect businesses around the world.

Show More



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.