Matthew R. Baker

Practice Group Chair - Privacy & Cybersecurity Partner

[email protected]

San Francisco

P: +1.415.291.6213
F: +1.415.291.6313
Matthew Baker

Matthew's cross-disciplinary practice focuses on data privacy, cybersecurity, crisis management, and incident response for a broad range of industries. He is well-versed in multi-jurisdictional privacy compliance; cyber risk identification, mitigation, and response strategies; complex information governance and data management issues; and cross-border electronic discovery. His diverse experience at the intersection of litigation, informational and operational technology, and data management enables him to provide clients with comprehensive business-oriented counsel proactively and in real time.

Matthew routinely counsels clients on considerations arising under a wide range of domestic and international privacy and security laws, standards, and best practices. Such frameworks and standards include the California Consumer Privacy Act of 2018 (CCPA), the Illinois Biometric Information Privacy Act (BIPA), the EU's General Protection Data Regulation (GDPR), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and Brazil's General Data Protection Act (LGPD), as well as regulatory guidance and international standards relating to privacy and security, such as NIST or ISO standards.

In addition, Matthew has managed dozens of cyber and privacy incidents for multi-national companies through all aspects of investigation, remediation, notification, regulatory engagement, and litigation. With his keen awareness of the enforcement landscape, Matthew assists clients with incident and crisis response preparedness. As part of this, Matthew works hand-in-hand with clients to develop tabletop exercises, simulations and drills for individuals in a variety of roles to help identify and address gaps in procedures and protocols for emergent situations.

Matthew is a certified privacy and information management specialist, including as a: Certified Privacy Program Manager (CIPM); Certified Information Privacy Professional - U.S. (CIPP/US); and Certified Information Privacy Professional - Europe (CIPP/E).

Prior to joining the firm, Matthew represented clients in complex criminal and commercial litigation matters throughout all phases of regulatory investigations, trial and appellate proceedings, with a focus on environmental and energy-related litigation. During law school, Matthew served as a law clerk for the U.S. Attorney's Office for the Southern District of California.

Related Experience

  • Representation of a global provider of labor and production services criminally charged in connection with a multi-fatality incident on an oil and gas production platform.
  • Representation of a global energy services company under criminal investigation for fraud related to inspection services provided to oil and gas production platforms.
  • Representation of a Fortune 100 company in connection with federal and state investigations related to a multi-fatality incident at a chemical manufacturing plant.
  • Representation of leading health care provider in connection with data privacy compliance and information governance practices.
  • Representation of a Fortune 100 financial institution in connection with information governance practices.
  • Representation of an international oil and gas services company in Suspension & Debarment proceedings before federal agencies relating to potential disqualification from participation in federal contracts and related subcontracts.
  • Representation of a major oil field services provider in connection with the criminal investigation of the April 2010 Deepwater Horizon oil spill.
  • Representation of an international oil services company in a multi-billion dollar MDL proceeding—MDL-2179, In re Oil Spill by the Oil Rig "Deepwater Horizon" on April 20, 2010 (E.D. La.—Judge Barbier).
  • Representation of the chief financial officer of a public company under investigation for accounting fraud and manipulation of financial statements and SEC filings.
  • Representation of high-profile, public clients in connection with a DOJ investigation into the September 2013 lane closures on the George Washington Bridge involving New Jersey Governor Chris Christie's administration.
  • Representation of a major energy company in connection with an SEC investigation into alleged fraudulent accounting and reporting practices.
  • Internal investigation for a multi-national aerospace company regarding suspected violations of the FCPA.
  • Provision of advice to a major European energy company on domestic and international data privacy compliance issues for purposes of establishing a new domestic presence.
  • Provision of advice to an international client on domestic and international data privacy compliance issues in connection with expansion into Europe.
  • Provision of assistance to a major international oil field services provider in the revision and update of its corporate governance and compliance policies and procedures.
  • Provision of assistance to a multinational bank in the revision and update of its information governance compliance policies and procedures.

Awards & Community

Recommended in The Legal 500 U.S., 2018 & 2019

Recognized as a Northern California Super Lawyer-Rising Star (Thomson Reuters), 2013-2019

News

results Page of

Thought Leadership

results Page of

CCPA Compliance and Enforcement

Speeches & Presentations

Moderators, TechGC, Privacy Virtual Forum: The GC's Role in Operationalizing Privacy At Home and Abroad

Events

Recent

results Page of