Amber C. Thomson is a partner in Mayer Brown's Washington DC office, where she counsels private equity firms, financial institutions, retailers, and technology companies on complex and cutting-edge cybersecurity and privacy matters.
Zandra L. Robinson is a corporate attorney whose practice sits at the intersection of security, privacy, data governance, and responsible AI. As Senior Legal Counsel and Security Third-Party Risk Management (TPRM) Program Manager at Dell Technologies, she leads global vendor risk strategy for one of the world's largest technology companies.
Live Video-Broadcast: July 8, 2026
Sign-up for a law firm subscription plan and each attorney in the firm receives free access to all CLE Programs
AI chatbots now sit on client websites, service platforms, and internal workflows — and every deployment triggers privacy, wiretapping, consumer-protection, and product-liability exposure that the business decision never accounted for.
The forces converged in 2026: California’s January CPRA/ADMT regulations took effect, the CIPA wiretapping suits multiplied against deployers, the FTC pressed Operation AI Comply with algorithmic disgorgement, COPPA’s revised rule landed on April 22, and SB 243 imposed affirmative duties on chatbots reaching minors. Any attorney advising a client that runs a customer-facing or internal bot is already exposed — and standard vendor templates and boilerplate disclosures collapse under these theories.
This session delivers layered notice and consent frameworks, defensible data-minimization records, vendor clauses that address the eavesdropper theory and nested sub-processors, the Moffatt apparent-authority analysis, and a state disclosure map across California, Colorado, Maine, and Utah. You will leave able to audit and redline AI vendor contracts and counsel clients before plaintiffs and regulators find the gaps.
What Will You Learn
Attorneys will learn how CIPA, CPRA/ADMT, and state privacy laws, vendor wiretapping liability, chatbot-output liability, and high-risk use cases involving minors and mental health govern chatbot deployments.
What Will You Gain
Attendees will gain working frameworks for auditing vendor data practices, redlining chatbot vendor contracts, structuring disclosures, and counseling clients on substantiating AI capability claims and reducing liability.
Key topics to be discussed:
This course is co-sponsored with myLawCLE.
Date / Time: July 8, 2026
Closed-captioning available
Amber C. Thomson, Partner | Mayer Brown LLP
Amber C. Thomson is a partner in Mayer Brown’s Washington DC office, where she counsels private equity firms, financial institutions, retailers, and technology companies on complex and cutting-edge cybersecurity and privacy matters. Her practice pairs deep regulatory knowledge with a practical, business-focused approach to risk management, spanning compliance counseling, incident response, and data breach litigation. Amber has developed a particular focus on children’s privacy, advising developers of online services, mobile applications, connected devices, and educational technologies on the rapidly evolving rules governing minors’ data. Clients rely on her subject-matter depth and her ability to translate intricate legal obligations into actionable, real-world guidance.
Amber earned her J.D., cum laude, from Howard University School of Law and holds a B.S. from Old Dominion University. She is admitted to practice in the District of Columbia and Maryland. She is also a Certified AI Governance Professional (AIGP), credentialed through the International Association of Privacy Professionals (IAPP).
Recognized as a Certified AI Governance Professional, Amber is among the practitioners formally credentialed to advise on the governance of artificial intelligence systems. Within Mayer Brown, she holds significant leadership roles, serving as co-chair of the firm’s Black Lawyers Affinity Group and co-chair of the firm’s Women’s Forum. She is also a member of the firm’s AI Task Force and its Recruiting Committee, contributing to both the firm’s substantive AI capabilities and its talent development.
Amber is actively engaged across the bar and the broader legal community. She serves as Treasurer of the Privacy, Cybersecurity & Technology Section of the National Bar Association and as a Leadership Advisory Committee Member of the National Association of Women Lawyers. She is the founder of Lesbian Lawyers of Color and a member of the National LGBTQ+ Bar Association. Her prior service includes board positions with Ms. JD and The Associates’ Committee, participation in the Leadership Council on Legal Diversity’s Pathfinder Program, and a term as Secretary of the LCLD Alumni Executive Council. Amber is a frequent speaker and author on privacy and cybersecurity topics, with recent presentations on the future of children’s privacy and on state consumer protection enforcement, and published commentary on developments such as Oklahoma’s comprehensive consumer data privacy law and Colorado’s evolving AI policy framework. She regularly provides executive and board-level training on incident response, privacy compliance, and children’s privacy obligations.
Amber advises clients across the full lifecycle of privacy and cybersecurity risk. On the compliance side, she helps organizations assess and implement programs addressing US state comprehensive privacy laws, CPRA, HIPAA, TCPA, PCI DSS, CAN-SPAM, and GDPR. Her children’s privacy work includes designing youth-specific data governance frameworks, building age verification and parental consent mechanisms, and guiding product assessments involving children’s data, profiling, and targeted advertising under COPPA, state children’s privacy laws, and age-appropriate design requirements. She has guided private equity firms and their portfolio companies through state privacy law compliance and counseled retailers, financial institutions, healthcare companies, and manufacturers on CCPA/CPRA obligations, while also conducting privacy due diligence for clients including major manufacturers and private equity firms. Amber’s incident response experience spans deepfakes, business email compromise, and double- and triple-extortion ransomware attacks, guiding clients from investigation and containment through remediation and notification. She has led response efforts for a major fast food chain navigating a nationwide payment card breach, a wire and cable manufacturer facing a double-extortion ransomware attack, a multinational aviation company managing a board-level breach investigation, and a health plan responding to the MOVEit-related breach. She has also conducted dozens of cybersecurity tabletop exercises and preparedness assessments across industries. On the litigation front, Amber has represented one of the largest US credit unions in class-action data breach litigation, defended a multinational technology company in state court matters, and pursued claims against the hackers behind a ransomware attack on a manufacturing client.
Zandra L. Robinson, Senior Legal Counsel & Security Third-Party Risk Management Program Manager | Dell Technologies
Zandra L. Robinson is a corporate attorney whose practice sits at the intersection of security, privacy, data governance, and responsible AI. As Senior Legal Counsel and Security Third-Party Risk Management (TPRM) Program Manager at Dell Technologies, she leads global vendor risk strategy for one of the world’s largest technology companies. Known for helping organizations move decisively in high-stakes environments, Zandra translates complex legal and technical risk into a clear path forward the business can act on immediately — enabling speed, accountability, and defensible decision-making at scale. Her work increasingly centers on the responsible integration of AI into the legal function, scaling legal capacity through AI-enabled workflows and helping move organizations from AI experimentation to enterprise capability.
Zandra is admitted to practice in Texas. She earned her Juris Doctor from the University of Arkansas School of Law, Fayetteville, where she was a Fellow of the Council on Legal Education Opportunity (CLEO), and holds a Bachelor of Arts in Corporate Communications from Southern Methodist University.
Zandra has earned notable recognition within the corporate counsel community. She was selected by the Corporate Counsel Business Journal as one of its “50 Women to Watch,” honoring emerging legal leaders shaping the future of corporate counsel practice. She has twice received Dell Technologies’ Game-Changer Award — once recognizing her contributions to integrating AI into legal practice, and once as the highest recognition conferred by the General Counsel within the Dell Legal Department, for her work as lead counsel to Virtustream, Dell’s cloud-infrastructure subsidiary, through its transformation, divestiture, and operational transitions. In the broader profession, she serves as Co-Lead of the CCWC® AI + Legal Tech + Innovation Advisory Council and as Co-Chair of the Corporate Counsel Women of Color National Advisory Council, a select group of senior in-house counsel, law firm partners, and legal-tech innovators guiding strategic initiatives across the legal profession.
Zandra is active across professional and community organizations and contributes to the field as a published author and speaker. She authored “The Hidden Exposure in Your Supply Chain: What Corporate Counsel Need to Know About Vendor Risk,” published in Circuits, the journal of the State Bar of Texas Computer & Technology Section. She serves on the CCWC Data Privacy & Cybersecurity Subcommittee, contributing thought leadership and cross-industry collaboration on emerging privacy, data governance, and cybersecurity issues, and participates in national working groups focused on best practices and counsel readiness. She is a member of the National Contract Management Association and an active member of The New Roundtable, a nonprofit advancing African-American women attorneys through networking, professional development, and mentorship in the Dallas legal community. She has also shared her expertise on industry stages, including appearing as a speaker at Legalweek New York while serving as PepsiCo’s Legal Director for IT & Privacy.
Zandra brings more than a decade and a half of in-house and legal experience across technology, consumer products, and the public interest sector. She has served at Dell Technologies since February 2021, where she leads the company’s security third-party risk management program and counsels on global cybersecurity, IT, and compliance matters. Earlier, at PepsiCo, she held the dual role of Director, Legal & Privacy Counsel and Global Director, Information Technology Legal, addressing legal and privacy issues related to information technology on a global scale, along with global IP responsibilities. Before that, she was a Contracts Negotiator and Business Practices Manager within Oracle’s public-sector consulting services group. Her earlier career includes legal and analyst roles at The Pew Charitable Trusts and Hogan Lovells, along with clerkships with the Texas Attorney General’s office and the Federal Trade Commission. Her practice focus spans third-party and vendor risk management, data privacy and cybersecurity compliance, IT and IP counseling, and the governance questions surrounding enterprise use of artificial intelligence.
SESSION 1 – The Chatbot Privacy Trap: Notice, Consent, Minimization | 1:00pm – 1:30pm
Chatbot deployments trigger layered privacy obligations under CIPA, California’s 2026 CPRA/ADMT regulations, and a widening patchwork of state laws. Attorneys gain a framework for auditing vendor data practices, structuring defensible disclosures, and documenting minimization decisions that withstand scrutiny and discovery.
SESSION 2 – Vendor Risk and Wiretapping: Structuring Chatbot Contracts | 1:30pm – 2:00pm
Deploying third-party chatbot vendors creates wiretapping liability under CIPA and analogous state statutes. Attorneys learn how courts apply the eavesdropper theory, where standard vendor contracts leave deployers exposed, and which clauses shift that exposure across nested sub-processors.
BREAK | 2:00pm – 2:10pm
SESSION 3 – Chatbot Outputs and Consumer Protection Obligations | 2:10pm – 2:40pm
Companies answer for what their chatbots say. Drawing on Moffatt v. Air Canada and FTC Operation AI Comply, attorneys learn to audit outputs, draft disclaimers limiting apparent authority, and map disclosure duties across California, Colorado, Maine, and Utah.
SESSION 4 – High-Risk Chatbot Use Cases: Children and Mental Health | 2:40pm – 3:10pm
Chatbots reaching minors or drifting into mental-health territory expose clients to wrongful death and product liability claims. Attorneys learn the updated COPPA rule, California SB 243 duties, FDA device-classification risk, and structural safeguards that reduce liability.
Approved for CLE Credits
2 General
Approved for CLE Credits
2 General
Approved for CLE Credits
2 General
Approved for CLE Credits
2 General
Approved for CLE Credits
2 General
Pending CLE Approval
2 General
Approved for CLE Credits
2 General
No MCLE Required
2 CLE Hour(s)
Pending CLE Approval
2 General
Approved for CLE Credits
2.5 General
Pending CLE Approval
2 General
Approved for CLE Credits
2 General
Pending CLE Approval
2 General
Pending CLE Approval
2 General
Approved for CLE Credits
2 General
Pending CLE Approval
2 General
Pending CLE Approval
2 Substantive
Pending CLE Approval
2 General
Pending CLE Approval
2 General
No MCLE Required
2 CLE Hour(s)
No MCLE Required
2 CLE Hour(s)
Pending CLE Approval
2 General
No MCLE Required
2 CLE Hour(s)
Pending CLE Approval
2 General
Approved for CLE Credits
2.4 General
Pending CLE Approval
2 General
Pending CLE Approval
2 General
Pending CLE Approval
2 General
Approved for CLE Credits
2 General
Pending CLE Approval
2 General
Approved for CLE Credits
120 General minutes
Approved for CLE Credits
2.4 General
Approved for CLE Credits
2 General
Pending CLE Approval
2 General
Approved for CLE Credits
2 General
Approved for CLE Credits
2 General
Pending CLE Approval
2.5 General
Pending CLE Approval
2 General
Approved for CLE Credits
2 General
Pending CLE Approval
2.5 General
Pending CLE Approval
2 General
No MCLE Required
2 CLE Hour(s)
Approved for CLE Credits
2 General
Approved for CLE Credits
2 General
Pending CLE Approval
2 General
Not Eligible
2 General Hours
Approved for CLE Credits
2 General
Approved via Attorney Submission
2 Law & Legal Hours
Pending CLE Approval
2 General
Pending CLE Approval
2.4 General
Pending CLE Approval
2 General