Internationally recognized authority in privacy, AI, AdTech and Cybersecurity with in-house and Am Law 200 Experience
Known for her practical, operational, collaborative and forward-thinking approach
Former CPO of several global companies in the financial, technology and retail sectors
Significant experience solving complex privacy, data security and AI challenges both in house and as outside counsel
Association of Corporate Counsel Member of the Year, IAPP Westin Emeritus Fellow & Senior Fellow of the Future Privacy Forum
FUN FACT!
Lael has two rescue dogs: Waffle (internet famous for shredding a much-annotated copy of the GDPR) and Muffin
About Lael
Lael Bellamy has over 30 years of experience advising clients on privacy, data protection and cyber security laws with a focus on AdTech, AI, data use and governance, M&A, consumer protection, security and data breaches at DLA Piper and Fenwick & West. Previously, Lael spent most of her career in-house supporting CIOs and CMOs and was the Chief Privacy Officer of Voya/ING and The Weather Channel (later IBM) and led the privacy office at The Home Depot, where she addressed privacy and data use globally.
Lael is honored to have been named a Westin Emeritus Fellow by the International Association of Privacy Professionals (IAPP), an award commemorating privacy legal scholar, Alan Westin, and designating Distinguished Privacy Professionals who have contributed significantly to the field, and a Senior Fellow at the Future of Privacy Forum. She has served on the Executive Board of Directors and Educational Board of the IAPP and as President of the Association of Corporate Counsel (ACC) GA Chapter as well as on ACC National Committees. The ACC named Lael “Member of the Year” for her volunteer leadership and contributions to the in-house legal community.
Lael currently serves on the Advisory Committee of the Pro Bono Partnership of Atlanta, a nonprofit organization that provides free legal services to community-based nonprofits, is a frequent speaker on privacy, AdTech, AI and technology issues and is an adjunct privacy professor at the Emory University School of Law.
REPRESENTATIVE Experience
Leveraging her extensive in-house experience as a Chief Privacy Officer and technology lawyer, Lael offers a practical approach to help clients operationalize data protection requirements globally including:
conducting website, cookie, pixel and tracking assessments and remediation
monitoring and responding to global privacy developments and legislative changes
advising on all facets of incident response and breach notification
building governance and privacy programs
negotiating and drafting privacy, data protection and security agreements
drafting data use rights in complex technical transactions and outsourcing agreements
drafting data privacy and AI impact and transfer assessments and agreements
providing proactive advice regarding risk management, data strategy and privacy litigation risks
conducting privacy and cybersecurity due diligence related to M&A transactions
advising on the development of white label apps and programs
providing product counseling and reviews, including privacy impact assessments, strategy and risk mitigation, and design and implementation of privacy controls and supporting user testing
assisting with risk analysis, strategic advice, and implementation related to global expansions and post-merger integrations
advising on implementation of PETs (privacy enhancing technologies such as GPC, OOPS & UOOMs)
advising on compliance with U.S. state and federal privacy laws and regulations, including:
CCPA/CPRA and other comprehensive or “omnibus” state consumer privacy laws
Daniel’s Law
Video Privacy Protection Act, ADA and Drivers Privacy Protection Act
BIPA and biometrics privacy laws and requirements
Health Breach Notification Rule and UDAP claims
CAN-SPAM and other communications laws
Washington My Health My Data Act and state consumer health privacy laws
California Invasion of Privacy Act (CIPA) and state wiretapping and monitoring laws
California Age-Appropriate Design Code Act and children’s online privacy laws
Location tracking
Advertising, analytics, measurement and the use of deidentified data
Industry self-regulatory requirements including The Digital Advertising Alliance (DAA) self-regulatory principles and The Network Advertising Initiative (NAI) code of conduct
Lael understands her clients’ businesses with direct experience in the insurance and financial services, technology, retail, and AdTech industries. Specifically, Lael has collaborated globally on numerous projects regarding:
use of AI tools and approved use cases
monitoring of employees and return to work initiatives
drafting and updating employee notices and privacy policies
conducting joint data privacy and AI impact assessments
documenting technical and operational measures
training international legal, compliance, security, HR and marketing teams
developing of AI governance committees, policies, and programs
drafting AI product licensing and data use agreements
complying with Data Privacy Framework
transcribing and recording meetings
managing numerous security incidents and drafting all documents relating to security breach response for numerous clients, including notification letters, scripts, FAQs for individuals and notification letters to regulators, law enforcement, clients and credit reporting agencies
negotiating and drafted privacy, security, data breach and data use and limitation provisions of sophisticated global outsourcing, licensing, consulting, and services agreements
REPRESENTATIVE SPEAKING ENGAGEMENTS AND PUBLICATIONS
“What the DOJ’s Data Security Rule Means for Businesses”, Panel Member for the Privacy & Technology Law Section, State Bar of Georgia, March 2026
“AdTech Roundup/Privacy Litigation & Enforcement” ,Panel Member for the Privacy & Technology Section, State Bar of Georgia, March 2025
“AI, Privacy & IP: Consequences for Venture Capital”, Panel Member for Advanced Venture Capital Program for Practical Law Institute, October 2024
“AI & The Future of Work”, Panel Member for the Future of Privacy Forum’s inaugural DC Privacy Forum: AI Forward, June 2024
“Elevating your voice: Women, professional communications, and personal brand”, Organizer and moderator, DLA Piper & FTI Consulting, April 2024
“Practical tips for in-house counsel: Hot topics and trends in data privacy and cybersecurity”, Panel Member for the Association of Corporate Counsel (ACC), April 2024
“FTC orders BetterHelp to pay $7.8 million and limit information disclosures: Consent agreement settles allegations of improper disclosures of consumer health data for advertising”, DLA Piper, March 2023
PRACTICE AREAS
Data Privacy & Security
Artificial Intelligence
Technology
AdTech
RECOGNITION
ACC Member of the Year
IAPP Westin Emeritus Fellow
Senior Fellow at the Future of Privacy Forum
Leadership
President of the Association of Corporate Counsel (ACC) GA Chapter
ACC National Committees
Advisory Committee - Pro Bono Partnerships of Atlanta
IAPP Executive Board of Directors
IAPP Educational Board
professional associations
Certified Information Privacy Professional (CIPP/US)
BAR ADMISSION
Georgia
Education
J.D., Emory University School of Law
B.S., Cornell University