{{insights.date}}
{{insights.type}}
{{insights.contentTypeTag}}
Lydia de la Torre
Of Counsel
Lydia de la Torre is a distinguished thought leader in data stewardship and AI governance, renowned for her ability to navigate the complexities of privacy compliance and digital transformation for data controllers and processors globally. With a robust background in regulatory investigations, she skilfully represents clients at the intersection of law and technology. Her strategic insights and deep understanding of data governance empower clients to make informed decisions in an increasingly regulated environment, establishing her as a trusted advisor in the legal landscape. Lydia’s expertise is further enhanced by her pivotal role as an inaugural board member of California’s data protection authority, the California Privacy Protection Agency (CPPA), where she was directly involved in drafting the California regulations.
Lydia’s work with different organizations has run the gamut, from pre-IPO startups to mature Fortune 500 companies, in a multitude of industries, including e-commerce, fintech and computer hardware. This experience has provided her with a direct understanding of client concerns.
Appointed to the inaugural CPPA Board by the California Senate President Pro Tempore Toni G. Atkins in 2021, Lydia gained unique experience with the first dedicated US privacy regulator. Lydia was one of the original five CPPA board members, helping shape California’s data privacy and security regulations, including on automated decision-making and profiling, and helped oversee and manage the agency’s enforcement work. In her role at the CPPA, she liaised with data regulators in other states, at the federal level and internationally, as well as lawmakers, regarding legislative and enforcement priorities for consumer privacy protection.
Lydia is the co-founder of Golden Data Law, a public benefit corporation law firm dedicated to providing mentorship to law students while focusing on privacy and data governance matters. With a passion for mentorship and education, Lydia is also an adjunct professor at UC Davis Law and Santa Clara University, where she teaches privacy, data protection and AI.
She is also a founding Leadership Council member on the AI Leadership Council of the Future of Privacy Forum (FPF), which aims to provide guidance to public and private stakeholders in navigating AI policy and compliance and promotes responsible data and AI practices.
Lydia is a frequently invited speaker on privacy-related topics, such as data ethics in privacy law including AI, multijurisdictional privacy law compliance and the interplay between consumer privacy laws and other data and consumer protection laws. She is also a prolific writer and has been published in a variety of outlets, from mainstream media to privacy and legal publications. She is the editor of Golden Data, a Medium publication focused on data laws.
- Assessing the ability of organizations to comply with privacy laws (including GDPR and CCPA), conducting gap assessments and creating pragmatic roadmaps to build the processes and resources required in a manner tailored to the organization’s unique circumstances.
- Counseling clients on the nuances of evolving data protection laws, applying her experience in having helped craft California’s regulations and set enforcement positions.
- Identifying and designing strategies to comply with EU and US data transfer requirements, including drafting and negotiating service provider contracts compliant with DPF (and before that Privacy Shield), GDPR and cybersecurity requirements, as well as intra-group data transfer agreements.
- Providing advice on the privacy implications related to mergers and acquisitions involving databases and implementing strategies for compliance with legal requirements.
- Advising on US financial privacy compliance, including GLBA, CalFIPPA, PCI-DSS, etc.
- Advising clients on legal requirements related to data security, counseling them through incidents and data breaches and representing them before administrative authorities with an eye toward avoiding penalties.
Education
- Santa Clara University School of Law, LL.M., 2014
- Centro de Estudios Garrigues, LL.M., 1996
- Universidad Complutense de Madrid, J.D., 1995
Admissions
- California, 2011
- Madrid, 1997
Memberships & Affiliations
- Adjunct professor, privacy, data protection and AI, University of California (UC), 2022-present
- Affiliated researcher, Center for Data Science and Artificial Intelligence Research (CeDAR)
- Leadership Council Future of Privacy Forum’s Center for Artificial Intelligence and affiliated with UC Davis’ Center for Data Science and Artificial Intelligence Research
- Former board member, California Privacy Protection Agency (CPPA), March 2021-March 2024
Languages
- Spanish
- English
- National Law Journal, Go-To Thought Leader — Cybersecurity (California Privacy Law), 2020
- Daily Journal, Top Cyber Lawyers 2020
- Interviewed, “Spotlight on Professor Lydia De La Torre, California Privacy Protection Agency Board Member,” California Lawyers Association Privacy Law Section Journal, 2024.
- Speaker, “Forward Thinking: Future-Proofing your AI Practices,” International Association of Privacy Professionals (IAPP) and Santa Clara University School of Law, May 30, 2024.
- Speaker, “AI and Legal Ethics,” UC Davis Business Law Journal’s 2024 Symposium Artificial Intelligence: Implications Across Industries, February 9, 2024.
- Speaker, “The AI Revolution and Regulation: From Automated Decision-Making Technology (ADMT) to Artificial Intelligence (AI),” Center for Innovation, Law, and Society, Davis and Live Webcast, February 5, 2024.
- Speaker, “U.S. Comprehensive State Privacy Laws: California, Virginia, Colorado, Utah and Connecticut,” PLI Twenty-Fourth Annual Institute on Privacy and Cybersecurity Law 2023, San Francisco, and Live Webcast, May 8-9, 2023.
- Speaker, Cybersecurity Conference 2023, Cleveland State University College of Law, April 20-21, 2023.
- Speaker, “US Privacy Law at a Crossroads: The Past, Present and Future,” IAPP Global Privacy Summit 2023, April 2023.