Julia B. Jacobson is a partner in the Data Privacy, Cybersecurity & Digital Assets Practice. Julia offers practical and tactical counsel on privacy and cybersecurity compliance strategies, data breach response, technology transactions and marketing initiatives for national and multinational organizations.

Privacy and Cybersecurity

A significant portion of Julia’s practice is devoted to advising clients on an array of privacy, cybersecurity, data breach and data governance matters. She assists clients with the design and development of privacy-sensitive policies for the collection and use of personal data. Julia regularly advises businesses on the privacy and cybersecurity aspects of environmental, social and governance (ESG) programs, ethical data use, machine learning and artificial intelligence, vendor contracting and management and business sales, combinations and acquisitions. She has helped her clients design, develop and implement compliance programs to meet the challenges of the evolving privacy and cybersecurity law landscape, including the California Consumer Privacy Act and other US state privacy and cybersecurity laws, the EU’s General Data Protection Regulation, the UK Data Protection Act 2018, cross-border personal data transfers and New York Department of Financial Services Cybersecurity Regulations, as well as to align with industry standards, including the National Institute of Standards and Technology (NIST) cybersecurity and privacy frameworks, and ESG standards and frameworks. Julia also serves as the data breach coach for several national and international clients.

Technology Transactions

Julia helps clients maximize the value of their strategic relationships by drafting and negotiating a wide range of commercial contracts, particularly technology-centric agreements and the deployment of machine learning and artificial intelligence. For both product and service providers and users, she structures and negotiates contracts and develops customized template agreements and tools for vendor screening and assessments.

Marketing and Promotions

Julia’s practice spans a wide array of issues associated with consumer marketing and promotional campaigns. She is skilled at establishing effective compliance programs and regularly counsels clients on the risks surrounding mobile marketing and text messaging, email marketing and telemarketing, social media, and sweepstakes and contests. Her work also includes helping clients navigate the digital advertising ecosystem and deploy emerging technologies. Increasingly, her practice focuses on supporting clients in designing data practices that consider stakeholder expectations and data ethics. On behalf of brands, agencies and marketing technology providers, she routinely structures and negotiates co-branding, sponsorships, and commercial co-venture and other agreements associated with the marketing and promotion of products and services.

Award Mouse thought multimedia interface book medal screen monitor


  • Boston University School of Law, LL.M., 2001
  • Boston University School of Law, J.D., 1999
  • University of Michigan, B.A., 1988


  • Massachusetts, 1999

Memberships & Affiliations

  • iTechLaw Member, Board of Directors, Co-chair, 2022 World Technology Law Conference
  • Fellow of Information Privacy, International Association of Privacy Professionals (IAPP), CIPP/US, CIPM; Co-chair, Boston chapter, IAPP KnowledgeNet
  • Data Ethics Certificate, Data Institute, University of San Francisco, May 2021
  • Member, Privacy, Cybersecurity & Digital Law Steering Committee, Boston Bar Association

{{insights.date}} {{insights.type}} {{insights.contentTypeTag}}
{{blog.title}} {{blog.source}}

  • Speaker, “The Impact of Privacy Protections on Digital Advertising,” ANA Master of Advertising Law Conference, November 15, 2023.
  • Speaker, “AI: The New Frontier in Class Action Litigation,” Celesq, Webinar, October 30, 2023.
  • Speaker, “Using and Governing Artificial Intelligence in Business,” Lorman Education Services, Live Webinar, August 30, 2023.
  • Co-author, “Uncloaking Dark Patterns: Identifying, Avoiding, and Minimizing Legal Risk,” Competition Policy International® TechREG Chronicle, May 2023.
  • Co-presenter, “Web Scraping Do’s and Don’ts,” MyLawCLE webinar, April 27, 2023.
  • Co-presenter, “Protect Your Business from Regulatory Risk: Mitigating the Threat of Dark Patterns,” MyLawCLE and Federal Bar Association webinar, April 19, 2023.
  • Moderator, “The P(rivacy) in ESG,” IAPP Global Privacy Summit 2023, April 5, 2023.
  • Speaker, “BBA Webinar: Everything in Moderation – Free Speech and Online Content,” Boston Bar Association Privacy, Cybersecurity and Digital Law Section, March 30, 2023.
  • Co-presenter, “Website Data Scraping: Evolving Legal, Case Law, and Business Challenges, User Agreement Enforcement, Safeguards,” Strafford webinar, February 16, 2023.
  • Presenter, “What’s on the Horizon: Metaverse and Beyond,” Compliance Week’s Cyber Risk & Data Privacy Summit, February 16, 2023.
  • Presenter, “Legislative & Regulatory: Privacy and Cybersecurity – What’s Ahead in 2023?” PIMA Winter Insight Conference, February 2, 2023.
  • Co-author, “Woke-Washing – An Emerging ESG Risk?” ACC Docket, February 2, 2023.
  • Co-presenter, “Incorporation by Reference of Terms and Conditions: Notice, Objection, Emphasis, Enforceability, Clear Reference Test,” Strafford webinar, October 25, 2022.
  • Presenter, “Working with Tech Leaders as a Compliance Partner,” Women, Influence & Power in Law Conference, October 17, 2022.
  • Presenter, “Drafting Terms of Use for Websites and Mobile Apps,” Federal Bar Association, February 7, 2022.
  • Co-presenter, “The New Business Ethics – ESG for Lawyers,” BBA webinar, January 26, 2022.
  • Presenter, “The Rise of ESG: What It Is and Why It Matters,” Federal Bar Association, October 27, 2021.
  • Presenter, “Privacy Policies: Legal Updates and Drafting Tips,” Federal Bar Association, October 27, 2021.
  • Presenter, “Ransomware Diligence: You and Your Vendors,” BankersWeb webinar, August 24, 2021, and September 17, 2021.
  • Panelist, “Biometric Regulatory Updates,” NetDiligence CyberRisk Summit, Philadelphia, July 14, 2021.
  • Presenter, “The CCPA Progeny, Part III: Data Ethics Webinar,” June 2021.
  • Presenter, “The CCPA Progeny, Part II: Facing Customers and What's New in State Privacy Laws Webinar,” April 2021.
  • Presenter, “The CCPA Progeny: Where, When, and How Webinar,” March 2021.
  • Presenter, “Data Security Incidents: Tuning Up Your Response Playbook for Today’s Threats,” Lorman, May 2021.
  • Co-presenter, “Big Data in Health: How to Outsmart the Legal Issues With Artificial Intelligence in Healthcare,” Boston Bar Association webinar, February 5, 2021.
  • Co-presenter, “What’s Reasonable? Recent Developments in Cybersecurity Law,” Celesq AttorneysEd Center, September 1, 2020.
  • Co-author, “Be Reasonable, Part 2: Recent Changes in State Data Security Law and Enforcement,” Legal Tech News, July 22, 2020.
  • Author, “Guidance Note – Massachusetts Cybersecurity,” OneTrust Data Guidance, July 2020.
  • Author, “Be Reasonable: Recent FTC Enforcement Orders on Data Security,” Legal Tech News, June 24, 2020.
  • Co-presenter, “Updating Your Online Privacy Policy: Best Practices in a Rapidly Changing Environment,” Lorman, May 14, 2020.
  • Speaker, “Drafting a Privacy Policy and Terms of Use for Online Services,” MyLaw CLE, April 14, 2020.
  • Panelist, “Your Digital Marketing Guide to Navigating the CCPA,” Lorman, April 9, 2020.
  • Moderator, “CCPA – Nuts & Bolts” panel, Boston Bar Privacy & Cybersecurity Conference, 2019.
  • Author, “The SEC Brings Its First Enforcement Action Under the Identity Theft Red Flags Rule,” Journal of Investment Compliance, May 7, 2019.
  • Presenter, “Practical Guide to GDPR Breach Notification and Security Requirements,” RSA Conference, San Francisco April 16, 2018.
  • Presenter, “Is Your Incident Response Plan Ready?” IAPP Web Conference, March 15, 2018.
  • Presenter, “Privacy Laws Are Coming! Is it Time to Panic?” Pittsburgh CIO Executive Summit, November 28, 2017.
  • Presenter, “WP29’s New GDPR Data Breach Notification Guidance,” International Association of Privacy Professionals webinar, November 16, 2017.
  • Presenter, “Drafting Website and Mobile App Terms of Use and Privacy Policies,” Strafford webinar, October 25, 2017.
  • Presenter, “GDPR – The Countdown Continues,” Association of Corporate Counsel webinar, September 21, 2017.
  • Presenter, “How Hedge Funds Can Maximize Big Data by Minimizing Legal Risk,” Alternative Investment Management Association, July 12, 2017.
  • Presenter, “Privacy Risk Summit 2017,” TRUSTe, San Francisco, June 6, 2017.
  • Presenter, “Social Media Cyber Risks: A Practical Look at Five Case Studies,” LexisNexis webinar, May 16, 2017.
  • Presenter, “The Challenges of Big Data and Regulatory Compliance,” K(NO)W Identity Conference 2017, Washington DC, May 15, 2017.
  • Presenter, “International Incident Response: Challenges, Surprises and Forecasts,” IAPP Global Privacy Summit 2017, April 20, 2017.
  • Presenter, “How to Simplify Compliance With Data Breach Laws,” IAPP Webinar, March 30, 2017.
  • Presenter, “Sweepstakes and Promotions in Social Media,” The Knowledge Group webinar, August 2, 2016.
  • Presenter, “Tips and Traps: Navigating Data Privacy and Security in Healthcare and Life Sciences Transactions,” ABA webinar, June 29, 2016.
  • Presenter, “Cross-device Tracking: New Opportunities, New Data Privacy Concerns for Marketers,” The Knowledge Group webinar, June 20, 2016.
  • Presenter, “Website Privacy Policies,” ALl-ABA live webinar, August 6, 2015.
  • Presenter, “Social Media Promotions,” Brand Activation Association/Association of National Advertisers (ANA) live webinar, July 28, 2015.
  • Presenter, “Updating Your Online Privacy Policy,” Lorman live webinar, March 25, 2015.
  • Presenter, “U.S. Privacy and Data Protection: 2014 Year in Review,” International Association of Privacy Professionals (LAPP) KnowledgeNet, January 8, 2015.
  • Presenter, “New and Unexpected: Developments in Mobile Marketing – Mobile Tracking, Apps and Mobile Payments,” 36th Annual Law Conference of Brand Activation Association, November 6, 2014.
  • Presenter, “Executing a Sweepstakes, Contest or Game,” Brand Activation Association/Association of National Advertisers (ANA) live webinar, June 25, 2014.
  • Presenter, “Track Me, Track Me Not: Complying With California's Do Not Track Disclosure Requirements,” Lorman Live webinar, February 25, 2014.
  • Presenter, “U.S. Privacy and Data Protection: 2013 Year in Review,” International Association of Privacy Professionals (IAPP) KnowledgeNet, January 28, 2014.
  • Presenter, “Drafting Rules for Digital Promotions,” 35th Annual Law Conference of Brand Activation Association, November 20, 2013.
  • Presenter, “Social Media Platforms: Your Content, Their Content?” SPLICE 2013 Licensors Summit, June 17, 2013.
  • Presenter, Panelist, “Mobile Marketing & Privacy: If You Collect It, Protect It,” MITX Mobile Marketing Summit, May 2013.
  • Presenter, “Navigating Privacy Landmines When Launching a Mobile App,” Boston Bar Association, December 2012.
  • Presenter, “Developing Best Practices for Sweepstakes and Promotions Rules Drafting,” American Conference Institute’s Digital Promotions & Social Media Summit, September 2012.

Award Mouse thought multimedia interface book medal screen monitor