Jennifer C. Everett

Regulatory Advisory/Compliance Counseling

• Advising numerous companies on the development of proactive compliance with emerging U.S. state comprehensive privacy laws, including the California Consumer Privacy Act of 2018 (CCPA), Virginia Consumer Data Protection Act (VCDPA), Connecticut Data Privacy Act (CTDPA), and Consumer Privacy Act, as well as topical state privacy laws relating to health and biometric data.
• Advising companies on website design and deployment of adtech and other third-party technologies to comply with laws and platform policies.
• Conducted privacy and security assessments for international SaaS platform providers and data analytics companies with operations around the globe.
• Advised smart camera companies on the deployment of smart technologies, including facial recognition.
• Counseled online services companies on emerging laws related to teen and child users, age verification, parental consent.

Regulatory and Enforcement

• Resolved U.S. state and multistate attorney general investigations following data breaches.
• Resolved a Federal Trade Commission (FTC) investigation involving a consumer goods company.
• Represented an online financial consumer company in a state attorney general investigation following a security incident.

Jennifer Everett focuses on regulatory compliance, enforcement, and transactions in data privacy, cybersecurity, health care, and emerging technologies. Jennifer offers strategic guidance to public and private companies across several sectors, including life sciences and health technology, when navigating state, federal, and international privacy regulations, including the EU General Data Protection Regulation (GDPR), state-specific privacy laws, biometric regulations, children’s privacy, workplace privacy, the Federal Trade Commission Act, and other U.S. consumer privacy statutes.

Jennifer oversees all aspects of U.S. and international data breach investigation and response, providing guidance on forensic investigations, notifications, and related regulatory inquiries. She has defended clients in regulatory inquiries regarding data security practices, including investigations by the FTC, the U.S. Department of Health and Human Services, state attorneys general, and international regulators following data security incidents. She frequently conducts training sessions for senior leadership and corporate boards, focusing on mitigating privacy and cyber risks.

With extensive knowledge of health privacy law, Jennifer provides guidance on a variety of intricate health data matters, including those governed by HIPAA and other regulations. She actively assists clients in creating privacy programs and mitigating risks related to technologies in digital health and AI-driven platforms.

Jennifer’s consumer protection practice includes counseling clients on marketing and promotional issues, including interest-based ads; automatic renewal and subscriptions; SMS text messaging and telemarketing; and other state and federal consumer protection laws.

Languages

• Japanese

Bar Admissions

• District of Columbia
• Virginia

Education

• University of Virginia (J.D., 2008)
• Northwestern University (B.A., 2003)

Memberships