Morrison Foerster is an international law firm with lawyers practicing throughout the United States, Asia, and Europe. Click to discover more.

mofo_share_image.jpg

Morrison Foerster

common-default.jpeg

Terms / Notices

Cookies

Privacy Policy

Reporting Hotline

Attorney Advertising

Alumni

  Linkedin

MoFo LinkedIN

  Facebook

MoFo Facebook

YouTube

MoFo Youtube

Morrison Foerster - Footer

Calif. Privacy Agency Gaining Steam Ahead Of 5th Anniversary

You have not solved the recaptcha challenge yet or session expired, try again.

Email Disclaimer

Disclaimer

Unsolicited e-mails and information sent to Morrison Foerster will not be considered confidential, may be disclosed to others pursuant to our <a href="https://www.mofo.com/about/privacy-policy.html">Privacy Policy</a>, may not receive a response, and do not create an attorney-client relationship with Morrison Foerster. If you are not already a client of Morrison Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

Feedback

mofo-logo-2022.svg

People

Capabilities

Resources

About

Community

Offices

Careers

Stay Connected

Kaylee Cox Bankston recently spoke with Law360 about the California Privacy Protection Agency's expanding regulatory and...

<h3>Sorry, we weren’t able to find the terms you entered.</h3>Please try a different term or keyword.

People

Capabilities

Resources

Not Found Cards

About Morrison Foerster

people-default-header-desktop.jpg

people-default-header-mobile.jpg

Default Meta Data

Kaylee Cox Bankston recently spoke with Law360 about the California Privacy Protection Agency's expanding regulatory and enforcement activities as it approaches its fifth anniversary. Kaylee highlighted the significance of the agency's newly finalized rules, which require companies to conduct risk assessments and cybersecurity audits for high-risk automated decision-making technologies, noting, "That these regulations went forward and were finalized is another sign that enforcement is going to continue, especially because of the information that companies will need to submit to the agency for examination." She emphasized that businesses should not delay compliance, as the new requirements create heightened executive accountability and may increase litigation risks.Read the <a href="https://www.law360.com/articles/2415666/calif-privacy-agency-gaining-steam-ahead-of-5th-anniversary" target="_blank">full article</a>.

Sign Up

Kaylee Cox Bankston is a partner in Morrison Foerster’s Data, Cyber + Privacy Group. She advises clients across all industries on complex cybersecurity, privacy, and data matters, including cybersecurity investigations and breach preparation, corporate governance and risk management, regulatory investigations, litigation and class action defense, and other emerging industry issues, such as the use and impacts of artificial intelligence (AI). Kaylee was recognized by The Legal 500 US for her work in cyber law (including data privacy and data protection) in 2023 and 2025. Kaylee is also a co-author of The International Handbook of AI Law: A Guide to Understanding and Resolving the Legal Challenges of Artificial Intelligence.<ul><li>Cybersecurity Investigations and Incident Response Preparedness: Kaylee has extensive experience leading clients in investigations of sophisticated cyberattacks and security breaches conducted by high-profile threat actor groups, including ransomware, data extortion events, and business email compromises. She also counsels clients on incident response programs and preparedness, including developing and conducting cybersecurity simulations and tabletop exercises, preparing clients for security assessments, audits, and testing, and advising on post-assessment implementation and risk mitigation strategies. Kaylee advises clients on cybersecurity information and intelligence sharing, data access requests, and related national security matters.</li><li>Regulatory Investigations and Litigation: Kaylee has substantial experience representing clients in privacy and security investigations and related regulatory actions. She has represented companies in cybersecurity and privacy matters before U.S. and international regulators, including the U.S. Federal Trade Commission (FTC), the U.S. Securities and Exchange Commission (SEC), the U.S. Department of Justice (DOJ), the U.S. Department of Health and Human Services, Office of Civil Rights (HHS OCR), New York Department of Financial Services (NYDFS), and state attorneys general, and in litigation matters in various U.S. federal and state courts.</li><li>Compliance, Corporate Governance, and Public Companies Counseling: Kaylee has counseled numerous companies on how to navigate and comply with the new DOJ “Bulk Data” regulations, implementing Executive Order 14117. She has advised clients on the recent SEC Cybersecurity Disclosure Rules, including counseling on disclosure obligations for material cybersecurity incidents and developing annual SEC cybersecurity disclosures for publicly traded companies. Kaylee also counsels executives and boards of directors on cybersecurity and privacy corporate governance and risk management matters and regularly advises clients on the development of cybersecurity and privacy programs and compliance with other regulatory requirements and standards, such as the NYDFS Part 500 cybersecurity requirements, the FTC Safeguards Rule, the FTC Act, the California Consumer Privacy Act (CCPA) and state data privacy laws, the Illinois Biometric Information Privacy Act (BIPA), the Children’s Online Privacy Protection Act (COPPA), the Health Insurance Portability and Accountability Act (HIPAA), the Family Educational Rights and Privacy Act (FERPA), the Gramm-Leach-Bliley Act (GLBA), and the Payment Card Industry Data Security Standard (PCI DSS).</li><li>Corporate Transactions and Vendor Management: Kaylee counsels clients on vendor management programs, including developing security and privacy contracting frameworks and negotiating data protection agreements. Kaylee also advises clients on privacy and security diligence matters in connection with corporate transactions.</li></ul>Kaylee is an adjunct professor at Georgetown University Law Center, where she teaches a cybersecurity course. Kaylee is a Certified Information Privacy Professional (CIPP) through the International Association of Privacy Professionals. She previously served on the Center for a New American Security, Technology Policy Lab Working Group for Data Privacy and the Bar Association of the District of Columbia Board of Directors and National Security Steering Committee. She is also a member of Women in CyberSecurity (WiCyS).