Kyle R. Fath

    Kyle R. Fath

    Partner

    kyle.fath@squirepb.com View Full Bio

    Kyle Fath is a partner in the firm’s Data Privacy, Cybersecurity & Digital Assets Practice, which has achieved an “Elite” ranking from Lexology’s Global Data Review three years running (2022-2024). Kyle has an exceedingly rare combination of deep, substantive knowledge of both data privacy, AI and IP, alongside a wealth of experience in commercial and technology transactions.

    Kyle’s clients turn to him for day-to-day advice and long-term strategic counseling on privacy and regulatory compliance, AI and data governance, third-party risk, addressing and defending against regulatory action and inquiries, mitigation of litigation risk and drafting and negotiating agreements for key commercial initiatives. He has particularly strong experience in product counseling and advising on privacy and regulatory compliance in relation to e-commerce, AdTech and digital advertising, AI, biometrics and children’s data.

    Kyle is a recognized thought leader in these areas. In addition to being a regular contributor to Privacy World, our industry-leading blog covering data and digital issues, Kyle is regularly invited to speak at events hosted by industry organizations such as IAPP, NAI, IAB, California Lawyers Association and other state bar groups, as well as American Bar Association and Association of Corporate Counsel. He is frequently sought out by publications such as Cybersecurity Law Report, Bloomberg and Law360 for his commentary and guest posts on AI and privacy developments.

    Artificial Intelligence

    Kyle has advised dozens of companies on AI, including both developers of AI systems and large language models, as well as deployers and users of third-party AI systems and applications. Kyle’s practice includes AI product counseling, development of AI governance programs, AI legal and regulatory horizon scanning, inventorying AI systems, identifying and mitigating privacy, IP and third-party contractual risks arising out of generative AI use cases, among other things.

    Kyle is sought out by leading organizations and publications for his thought leadership on AI – for example, Kyle was selected to moderate a panel on AI governance at the IAPP’s first-ever AI Governance training at the 2023 IAPP Global Privacy Summit, and he is frequently sought out by publications like Bloomberg Law for comments on AI developments and legislation.

    Privacy Compliance, Product Counseling and Consumer Protection

    Kyle has counseled hundreds of companies through the development of privacy compliance and data governance programs, including under landmark privacy legislation, such as the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA) and the growing list of US state privacy legislation (Colorado, Connecticut, Utah and Virginia).

    Kyle advises a client base that spans a variety of industries, including digital media and online publishing, AdTech, e-commerce, restaurant/retail, retail media, consumer packaged goods, automotive, logistics and transportation, gaming, health tech, B2B software as a service (SaaS) and others. In addition to omnibus consumer privacy laws, Kyle has significant experience counseling clients through use cases with heightened litigation and regulatory risk, including under the Illinois Biometric Information Privacy Act (BIPA) and other biometrics laws, Telephone Consumer Privacy Act (TCPA), Video Privacy Protection Act and state eavesdropping, wiretapping and surveillance laws, as well as with respect to regulation of unfair and deceptive acts and practices under state laws and the Federal Trade Commission.

    Kyle is an authority on digital advertising issues, and regularly advises a variety of companies on data privacy compliance and commercial transactions in the space. With his deep and intimate understanding of complex digital advertising data flows, and industry knowledge on topics such as the so-called “cookieless future,” Kyle is able to advise a range of clients on these issues, from companies with a growing understanding of business issues and privacy risks, to privacy and product teams at AdTech companies with sophisticated, expert-level knowledge on these topics (including compliance with the Network Advertising Initiative (NAI) Code of Conduct). Kyle contributes a significant amount of thought leadership on digital advertising issues and serves on working groups and committees for leading industry organizations, including the NAI, Interactive Advertising Bureau (IAB) and the Association of National Advertisers (ANA).

    Commercial, Technology and Strategic Transactions

    Kyle has structured, drafted and negotiated hundreds of agreements, ranging from strategic deals involving data, technology or other digital assets, to vendor agreements involving various SaaS, AdTech and other services. In addition, a significant aspect of Kyle’s practice includes assisting clients through the build out of global online platforms e-commerce, B2B Saas and other global online platforms, including the drafting of various website and product terms, terms of use, terms of service, application programming interface (API) terms, privacy policies, and other online contracts, documents and notices.

    Award Mouse thought multimedia interface book medal screen monitor

    Explore
    Privacy and Product Counseling
    • Advised on, developed and implemented California Consumer Privacy Act and other US privacy law compliance programs for hundreds of US and global organizations including comprehensive data mapping; drafting of privacy notices; implementation of consumer rights requests response procedures; and management and classification of vendors and other data recipients. Developed hundreds of bespoke data processing agreement templates, including for AdTech and other complicated use cases.
    • Managed, advised on, developed and implemented EU General Data Protection Regulation (GDPR) and other global privacy compliance programs for US and international organizations, including consent mechanisms for cookies and online behavioral advertising, and email and text message (SMS) marketing; record-keeping/data mapping; applicability analysis; and data transfer mechanisms.
    • Counseled dozens of clients, including professional sports teams and restaurant and retail chains, through the development and implementation of text messaging programs for TCPA and other regulatory compliance, including development of user experience and consent language, drafting terms and conditions, advising on managing consents and revocations across different types of campaigns, and negotiating SMS vendor agreements.
    Artificial Intelligence
    • Advised numerous platforms, technology companies, SaaS providers, brands on use of data for training and fine-tuning AI models under applicable law and limitations under privacy policies and contracts.
    • Developed AI governance programs for global organizations, including AI and algorithmic assessments and guidance for business stakeholders, an “AI playbook” for use by business teams to elevate issues and kick-off legal review.
    • Advised AI developer on privacy, IP and general regulatory risk associated with (1) acquisition of data, information and online content; (2) using and manipulating acquired materials for training AI models; and (3) using AI models trained on acquired materials for generation and inferences.
    • Developed scores of AI contractual provisions and templates for use in a variety of contexts, including procurement of AI tools, use of AI by service providers/subcontractors, and business- and consumer-facing terms of service.
    • Advised numerous clients on the formation and composition of AI ethics and governance boards.
    Biometrics Privacy and Product Counseling
    • Advised dozens of companies on risks arising out of Illinois BIPA and other laws regulating biometric data.
    • Advised renowned provider of facial recognition software on legislative advancements in relation to biometrics, facial recognition and similar topics.
    • Advised video experience platform on risk of voice and facial recognition features, as well as training AI/machine learning models with images, videos and audio.
    • Counseled retail chains on the risks of implementation of “smart coolers” and automated checkout and security applications involving object detection.
    • Advised numerous employers regarding use of biometrics, including fingerprint clock-in technology.
    Commercial, Technology and Strategic Transactions
    • Led product legal aspects of prominent podcast producer’s rollout of a global subscription platform and mobile application, including negotiation of agreements with back-end technology vendors, development of user flows, terms of use and privacy policy and advising on privacy and digital advertising issues.
    • Developed template provisions for procurement and licensing of AI technology for several global organizations, including provisions to address responsible and ethical AI principles and compliance with laws and regulations (including privacy laws and the forthcoming EU AI Act).
    • Negotiated dozens of agreements with data brokers and data match vendors.
    • Drafted a strategic alliance agreement between an AdTech client and competitor for provision of joint advertising services on leading video-sharing platform.
    • Developed numerous online terms of service, end-user license agreements, terms of sale/subscription and privacy policies for a variety of clients, including an educational technology and content provider, a high-end retail company, a digital media publisher and one of the world’s largest mobile app developers.
    • Advised on IP, IT and data privacy issues, and performed due diligence, on M&A, financing and other transactions for clients in software, financial services, digital media, edtech and other industries.
    • Drafted and negotiated various IT, cloud, SaaS and outsourcing agreements for a variety of clients, including numerous restaurant and retail chains, and an emerging company offering a mobile application and online platform for cannabis brands and dispensaries.
    • Counseled liquor brand in M&A transaction related to its use of a famous bootlegger’s name and likeness.
    • Drafted ancillary agreements to M&A and other transactions, including technology, data, and IP license and license-back agreements.
    Advertising, Marketing and Digital Media
    • Participated in a number of working groups with the Interactive Advertising Bureau, including in relation to development of its CCPA framework, an ad industry survey measuring CCPA compliance and adoption of the opt-out framework, and cross-jurisdictional privacy project for developing a global privacy string for use in digital advertising transactions.
    • Advised a medical advertising company on an ad campaign involving geotargeting around medical clinics.
    • Drafted and negotiated numerous documents in relation to a client’s participation in joint venture with other major cable and telecommunications companies for national addressable (i.e., interest-based) and linear advertising campaigns.
    • Counseled clients on compliance with marketing laws and regulations including CAN-SPAM and the TCPA.
    • Advised clients on protections offered by Communications Decency Act, including an online cannabis sales and delivery platform for brands and dispensaries.
    • Developed and implemented Digital Millennium Copyright Act takedown policies and procedures for numerous publishers, including a prominent educational technology company.
    • Drafted and negotiated numerous content creation (e.g., podcasts and other media, websites, etc.) agreements and IP licenses and assignments.

    Education

    • Washington University School of Law, J.D., 2012
    • University of Cincinnati, B.S., 2009

    Admissions

    • California
    • New York
    • Ohio
    • New York Metro Super Lawyers Rising Star, 2020

    {{insights.date}} {{insights.type}} {{insights.contentTypeTag}}

    {{news.date}} {{news.source}} {{news.type}}
    {{blog.displayDate}}
    {{blog.title}} {{blog.source}}

    Kyle has provided pro bono legal services to a number of organizations, including an organization supporting women nonfiction filmmakers, an international nonprofit that trains and supports people using video in their fight for human rights and a New York City-based nonprofit using media, arts and technology to address human rights issues.

    • Co-Presenter, “AI and Biometrics Privacy: Trends and Developments,” IAPP, June 2, 2022.
    • Co-Presenter, “2022 NFTs Conference,” Federal Bar Association/MyLawCLE, January 31, 2022.
    • Co-Presenter, “Ad-Tech for 2022 – What You Need to Know,” Privacy OC’s PrivacyNext Summit 2022, January 26, 2022.
    • Presenter, “Vendor and Processor Management and Risk,” SW Ohio ACC, December 2, 2021.
    • Presenter, “Navigating the Cookieless Future,” IAPP Privacy.Security.Risk Conference, October 21, 2021.
    • Co-Presenter, “AdTech Considerations Under CCPA and CPRA,” Webinar, February 18, 2021.
    • Co-Presenter, “The Future of Data Privacy Automation,” Privacy OC Privacy Week virtual conference, January 27-28, 2021.
    • Co-Author, “Third-Party & Vendor Management Considerations for CPRA Compliance,” LACBA, January 19, 2021.
    • Speaker, “What CCPA 2.0 Will Mean for Businesses and Consumers,” IAPP KnowledgeNet Cincinnati Chapter, January 13, 2021.
    • Speaker, “The California Consumer Privacy Act and the Forthcoming California Privacy Rights Act,” online Business Law Institute presented by the Ohio State Bar Association, December 10, 2020.
    • Co-Author, “California: What CPRA Will Mean for Businesses, Consumers, and US Privacy Landscape,” One Trust/Data Guidance, November 2020.
    • Co-Author, “Guide: United States: Data Protection & Cyber Security,” Legal 500, June 2019.

    Related Services
    Award Mouse thought multimedia interface book medal screen monitor