Kristen J. Mathews

Kristen J. Mathews


Washington University in St. Louis (B.A., 1995)
Boston College Law School (J.D., 1998)

Bar Admissions

New York


Kristen is a partner in our Global Privacy + Data Security Group. For more than 20 years, her practice has focused on advising clients on the full spectrum of privacy and cybersecurity issues, including regulatory and compliance matters. An early leader in the privacy sphere, Kristen has established her broad global data privacy and cybersecurity practice by working with clients across a broad range of industries.

Kristen’s cybersecurity experience includes guiding clients on compliance with data privacy laws, such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA); protecting data in critical transactional matters, such as M&A deals; and preventing, preparing for, and responding to cybersecurity breaches. She helps financial services and insurance businesses build and mature their cybersecurity programs. She also provides counsel on direct-marketing compliance and defense of claims, and online, telematics, and employee and workplace privacy.

Kristen built her experience in these areas over several years with a New York–based technology law firm and later as head of the privacy and cybersecurity practice group of another major global firm. Clients across the technology, financial, retail, consumer goods, health, insurance, media, education, auto, utilities, sports, and hospitality sectors benefit from Kristen’s experience with the most complex privacy and cybersecurity matters.

Kristen continues to be at the forefront of developments in privacy and cybersecurity as ever-changing issues affect businesses around the world.  Just a few examples of her recent work include:

  • Assisting a global merchandise business in investigating, responding to, and defending claims brought in relation to a cybersecurity breach that affected a large volume of consumers and other businesses.
  • Assisting a global consumer business in determining and implementing a practical plan of action to comply with the CCPA. 
  • Assisting over 100 businesses in varying industries in becoming compliant with Europe’s GDPR.

Legal 500 has recognized Kristen for her singular work, inducting her into its Hall of Fame in the category of Cyber Law. Over the last decade, Chambers USA and Chambers Global have also consistently recognized Kristen for her outstanding client service and extensive knowledge of the data privacy and cybersecurity space in the following categories:

  • Chambers USA: Nationwide: Privacy & Data Security 2010–2018
  • Chambers USA: New York: Technology & Outsourcing 2013–2016
  • Chambers Global: USA, Privacy & Data Security 2011–2018

Chambers USA (2010-2018) – Nationwide: Privacy & Data Security

Chambers USA (2013-2016) – New York: Technology & Outsourcing

Chambers Global (2011-2019) – USA, Privacy & Data Security

The Legal 500 US Hall of Fame (2017-2018)

The Legal 500 US (2014-2016) – Media, Technology, and Telecoms: Technology: Cyber Crime

The Legal 500 US (2010-2016) – Media, Technology, and Telecoms: Technology: Data Protection and Privacy

The Legal 500 US (2011-2017) – Media, Technology, and Telecoms: Technology: Transactions

Expert Guides (2017) – Women in Business Law

Expert Guides (2019) – Best of the Best USA

Super Lawyers (2017) – New York

International Who's Who Legal (2018) – Data Security

International Who's Who Legal (2018) – Information Technology

Euromoney Expert Guides – Top 30 Data Protection Lawyers in the United States

Email Disclaimer

Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

©1996-2019 Morrison & Foerster LLP. All rights reserved.