Ann LaFrance co-chairs the firm’s global Data Privacy & Cybersecurity Practice and is a senior member of the international Communications Practice.

    In addition to advising clients on national and cross-border data privacy and cybersecurity matters, Ann has experience counselling clients on a broad range of legal and regulatory issues affecting the provision of internet and digital services, as well as advanced technologies. She has particular expertise advising on issues of concern to technology, media and telecommunications companies and she frequently serves as an adviser to governments and regulatory authorities on legislative and policy matters in these areas. Her practice is global, spanning the US, the EU and emerging markets in the Middle East and the Caribbean.

    Until September 2019, Ann was a partner in the firm’s London office, where she advised clients on the full range of compliance issues arising under the EU General Data Protection Regulation (GDPR), the ePrivacy Directive and the Network and Information Security (Cybersecurity) Directive. She has also counseled clients on compliance with the EU telecommunications regulatory framework and, most recently, legislative drafting and implementation issues related to the adoption of the new EU Electronic Communications Code.

    Drawing on her extensive GDPR experience, Ann now leads the firm’s US team of data protection practitioners advising on compliance with the California Consumer Privacy Act, as well as other federal and state privacy and cybersecurity laws and regulations. She has particular expertise in assisting clients with the design and implementation of integrated global compliance solutions and regulatory risk mitigation strategies.

    Ann brings to the table an in-house perspective on top of her 25 years of experience advising clients as external counsel. From 1996 to 2004, she served as Chief International Counsel of MCI Communications Corp. (now Verizon), based in Brussels and London.

    Ann is a member of the board of directors of the International Institute of Communications (IIC) and serves as Vice President. She is a member of the International Association of Privacy Professionals and is regularly called upon to speak on data privacy and digital economy issues.

    Award Mouse thought multimedia interface book medal screen monitor

    Data Privacy & Cybersecurity

    • Leading the EU component of a major data protection compliance initiative for a major US digital platform for genomic testing.
    • Leading global and regional (EU) GDPR compliance projects for various multinational B2B and B2C clients, covering customer and employee data.
    • Advising ad tech companies on issues relating to opt-in consent in relation to the use of cookies and similar applications.
    • Advising an international machine-to-machine (M2M) provider on complex issues relating to data protection and privacy clauses contained in its cross-border agreements with customers, relating to the collection, use and transfer of personal data of customers, and customers’ customers.
    • Advising a global provider of internet of things (IoT) services on compliance with GDPR.
    • Advising a major technology company on issues relating to the enactment of the EU Electronic Communications Code and a proposal for a new EU e-privacy regulation and the potential for the extension of such regulations to “over the top” communications services.
    • Drafting detailed quarterly reports for a global telecommunications operator on significant developments at EU level and in the UK, France and Germany in the areas of data protection, data retention, cybersecurity and law enforcement access.
    • Advising a leading Middle East government on the development of cybersecurity policies and regulation for the ICT sector.
    • Advising a major Turkish mobile network operator on EU practice at the national level in five key member states when implementing the e-Privacy Directive in relation to notice and consent required for the use of customer traffic and location data for advanced services.
    • Advising a cable television operator in the Caribbean region on a wide range of regulatory matters, including data protection.
    • Drafting a new legislative framework for the electronic communications sector of a government in the Caribbean region, including sector-specific data protection and retention provisions.

    Communications

    • Advising technology and telecommunications clients on legislative drafting and implementation issues related to the EU’s new Electronic Communications Code.
    • Advising various fixed and mobile telecommunications operators and other industry participants in the UK and across Europe and the Middle East on a range of regulatory issues, including mobile network sharing arrangements, mobile virtual network operator (MVNO) arrangements, terms and conditions of retail fixed and mobile offers, consumer codes of conduct, applications for code powers in the UK, spectrum allocation and assignment, net neutrality, next generation networks, market definition, SMP assessments and remedies, functional separation and equivalency, reference access and interconnection offers, wholesale pricing and quality of service obligations, mobile termination, accounting separation, margin squeeze issues, abuse of dominance concerns and state aid.
    • Advising governments and bidders in EMEA on the design and implementation of spectrum auctions, participation in beauty contests, single-sealed bid competitions and sophisticated electronic auctions, including legal issues involving transparency, discrimination and state aid concerns.
    • Providing ongoing regulatory and competition law advice on a range of pricing, marketing and infrastructure sharing issues for a major mobile operator in Central Europe.
    • Advising another major operator in Central Europe on a range of competition and regulatory issues, including the application of margin squeeze tests.
    • Advising a major pan-European operator on regulatory issues associated with the introduction of M2M communications services in several Gulf States.
    • Advising a UK systems integrator and provider of M2M communications services on applicable regulatory issues in several key EU member states, and advice on contractual issues relating to its underlying wholesale agreement with a major European mobile network operator.
    • Advising a major Turkish mobile network operator on EU practice at the national level in five key member states when implementing the e-Privacy Directive in relation to notice and consent required for the use of customer traffic and location data for advanced services.
    • Advising a cable television operator in the Caribbean region on a wide range of regulatory matters, including SMP designations and obligations, reference access and interconnection offers, accounting separation, broadband resale offer, margin squeeze and merger review issues.
    • Drafting a new legislative framework for the electronic communications sector of a government in the Caribbean region, assisting with the start-up of the new sector regulator and advising the regulator on implementation of the new regulatory framework.
    • Acting as adviser to a bidding consortium on regulatory matters in connection with the issuance of, and proposed operation under, the second and third mobile licenses and a competitive data license in Saudi Arabia.

    Education

    • King's College, London, EC Competition Law, 2001
    • Georgetown University, J.D., with honors, 1980
    • Georgetown University, M.S.F.S., 1980
    • Middlebury College, B.A., summa cum laude, Phi Beta Kappa, 1976

    Admissions

    • Admitted only in District of Columbia and Massachusetts
    • District of Columbia, 1980
    • Massachusetts, 2015

    Memberships and Affiliations

    • Member of the Board of Directors of the International Institute of Communications (IIC).
    • Special Advisor on data protection matters to the Board of the Storage Networking Industry Association - Europe. 
    • Member of the International Association of Privacy Professionals.
    • Member of the American, International, Federal Communications and District of Columbia Bar Associations. 
    • Regular lecturer on legal issues in Modern Spectrum Policy Management.

    Languages

    • English
    • French
    • Spanish
    • Recommended in Chambers UK 2018 for Data Protection; Telecommunications: Non-transactional, UK-wide
    • Recommended in The Legal 500 UK 2017 for IT and telecoms
    • Recognized as a Cybersecurity and Data Privacy Trailblazer for 2016 by the National Law Journal
    • Recognized as a leading individual by Chambers UK 2016
    • Recommended in The Legal 500 UK 2015 for EU and competition; Competition litigation; Data Protection; IT & Telecoms
    • Exclusive recipient of the International Law Office (ILO) Client Choice Award for Telecommunications in both 2015 and 2016
    • Commended for her "very impressive knowledge of the telecoms industry." She advises on regulatory matters, recently acting for clients across Europe, the Middle East and the Caribbean. Sources particularly highlight her understanding of policy issues and foresight in handling matters for clientele - Chambers UK, 2014.
    • Recommended for her "notable expertise in telecommunications"- Legal 500 UK, 2014

    {{insights.date}} {{insights.source}} {{insights.type}}
    {{blog.displayDate}}
    {{blog.title}} {{blog.source}}

    • Moderator, CISO discussion, Information Security and Operational Resilience Conference, New York, New York, November 7, 2019.
    • Keynote Speaker, “Are EU Telcos Equipped to Master the Brave New Digital World?” Salzburger Telekom-Forum, Austria, August 2019.
    • Panel Chair, “Platform Regulation: Can We Reach a Level Playing Field?” and “Enhancing Electronic Communications with AI, Data Analytics and Blockchain,” IIC-BEREC Conference, Latvia, June 2019.
    • Presenter, “Case studies from Data Protection Officers,” The first 100 days: issues, lessons and successes from delivering the GDPR Conference, London, UK, September 18, 2018.
    • Presenter, “Corporate Data Governance and GDPR Compliance for U.S. Companies,” Strafford, Webinar, April 11, 2018.
    • Presenter, “GDPR: Big Data & Security Analytics,” Gartner Security & Risk Management Summit, London, UK, September 19, 2017.
    • Presenter, “GDPR Gap Analysis, Data Protection Impact and Remediation,” Android Enterprise, London, UK, June 7, 2017.

    Award Mouse thought multimedia interface book medal screen monitor