Consumer Privacy Requests and Wiretapping Claims Across a Patchwork of State Laws: A Defensible Response Playbook

Alan L. Friel | Squire Patton Boggs

Alan L. Friel is a partner and chair of the Data Privacy, Cybersecurity & Digital Assets Practice at Squire Patton Boggs. A recognized thought leader in digital media, intellectual property, data privacy, cybersecurity, and consumer protection law, Alan has more than three decades of experience advising clients at the intersection of law and technology. Drawing on both private practice and in-house experience, including service as a general counsel, he counsels companies on privacy governance, information management, cybersecurity, digital advertising, artificial intelligence, data commercialization, and emerging technology issues. He regularly advises publishers, advertisers, ad tech companies, software providers, e-commerce businesses, and other organizations navigating rapidly evolving regulatory and technological landscapes.

• Education & Credentials

Alan earned a J.D. from Northeastern University School of Law, a B.S. from Georgia State University, and completed the Executive Program in Management (EPM) at the UCLA Anderson School of Management. He is admitted to practice in California and New York and is admitted before the U.S. District Court for the Central District of California and the U.S. Court of Appeals for the Ninth Circuit. Alan also holds the Certified Information Privacy Professional (CIPP) and Certified Information Privacy Manager (CIPM) designations, reflecting his extensive experience in privacy and data protection law.

• Recognition & Leadership

Alan is widely recognized as a leader in privacy and technology law. He serves as chair of the firm’s Data Privacy, Cybersecurity & Digital Assets Practice and has been recognized by BTI Consulting Group as a Client Service All-Star. He has earned a Tier 1 ranking from Chambers and was named a “Trailblazer” for Media and Advertising Law by the National Law Journal. The Los Angeles Times has also recognized him as a Legal Visionary and Visionary for his contributions to the legal profession and leadership in privacy, cybersecurity, and digital media law. Through his leadership, the firm’s global data practice has expanded its profile and capabilities in the rapidly evolving data and technology sector.

• Professional Involvement

Alan is deeply involved in professional organizations and industry initiatives focused on privacy, advertising, and technology law. He works closely with trade groups such as the Interactive Advertising Bureau and the Association of National Advertisers, as well as privacy organizations including the International Association of Privacy Professionals. He serves as Chair of The Association of Media and Entertainment Counsel’s Law Firm Advisory Board and has held leadership positions within IAPP’s regional KnowledgeNet chapters. Alan is also an executive committee and board member of the Los Angeles County Bar Association’s Privacy and Cybersecurity Section. In addition, he teaches and mentors future lawyers through affiliations with University of California, Los Angeles, Loyola Marymount University Loyola Law School, and a legal clinic supporting nonprofits and startups.

• Experience

Alan has spent more than 30 years helping organizations address complex privacy, cybersecurity, consumer protection, intellectual property, and digital media issues. He has assisted hundreds of companies in developing privacy programs, conducting data protection assessments, implementing information governance frameworks, and complying with laws such as the CCPA, GDPR, COPPA, HIPAA, and other state, federal, and international privacy regulations. His experience includes defending businesses in investigations and enforcement actions brought by regulators, advising on privacy and cybersecurity aspects of mergers and acquisitions, structuring data transfer arrangements, developing compliance programs, and counseling clients on artificial intelligence, digital advertising, online services, e-commerce, and emerging technologies. He has also played a role in shaping privacy law and policy since the early development of the internet, beginning with his work as the Sherwood Shafer Fellow at the American Civil Liberties Union.

Kyle R. Dull | Squire Patton Boggs

Kyle Dull is a senior associate in the Data Privacy, Cybersecurity & Digital Assets Practice at Squire Patton Boggs. Drawing on his experience as a former enforcement lawyer, he advises industry-leading companies, mid-market organizations, and startups on navigating the complex landscape of domestic and international privacy laws, consumer protection regulations, advertising and marketing laws, and cybersecurity risks. Kyle regularly counsels clients on privacy governance, regulatory compliance, data protection, advertising practices, artificial intelligence, and emerging technologies. His background in government enforcement provides valuable insight into regulatory investigations and compliance strategies, enabling him to help clients balance business objectives with consumer protection obligations while minimizing legal and regulatory risk.

• Education & Credentials

Kyle earned his Juris Doctor from Tulane University Law School, where he received the Dean’s Scholarship for Academic Excellence, and his Bachelor of Arts from Vanderbilt University, where he was recognized on the Dean’s List. He is admitted to practice in New York and Florida and is admitted before the United States District Court for the Southern District of Florida. Kyle is also a Certified Information Privacy Professional (CIPP/US), reflecting his specialized knowledge of privacy and data protection law.

• Recognition & Leadership

Kyle is recognized as a leading practitioner in privacy, cybersecurity, and consumer protection matters. He has served as a member of the Florida Bar’s Cybersecurity and Privacy Law Committee and previously participated in the Consumer Protection Law Committee and Data Privacy and Cybersecurity Subcommittee. He also served as a two-term adviser to the Law360 Consumer Protection Editorial Advisory Board. In addition, he is frequently quoted and featured in publications such as Law360, Bloomberg Law, and IAPP on developments involving privacy, cybersecurity, advertising, and consumer protection law.

• Professional Involvement

Kyle is an active contributor to the privacy and cybersecurity legal community through extensive writing, speaking, and industry engagement. He regularly publishes articles and practical guidance on privacy compliance, direct marketing, advertising regulation, AI governance, and consumer protection issues. He is also a frequent speaker for organizations including the Association of National Advertisers, the Association of Corporate Counsel, Strafford, and other legal and industry groups, presenting on topics such as state privacy laws, artificial intelligence, online terms and policies, digital advertising, and regulatory enforcement trends.

• Experience

Kyle advises clients on a broad range of privacy, cybersecurity, advertising, and consumer protection matters, including compliance with state privacy laws, data governance programs, cybersecurity incident response, AI-related technologies, biometrics, marketing practices, and complex commercial agreements involving data and technology. He regularly counsels companies on privacy compliance, data-sharing arrangements, digital advertising, consumer rights management, and emerging technology risks. Before entering private practice, Kyle served as an enforcement attorney in the Florida Attorney General’s Consumer Protection Division, where he investigated and litigated matters involving unfair and deceptive data practices, geolocation tracking, privacy violations, advertising claims, and consumer protection issues. He also led and coordinated multistate investigations and supervised significant enforcement initiatives involving technology, social media, e-commerce, and vaping companies. This combination of enforcement and private practice experience provides him with a unique perspective on regulatory risk, compliance, and litigation strategy.

SESSION 1 – Building a U.S. Consumer Privacy Rights and Cookie Management Program | 1:00pm – 2:00pm

Build and operate a defensible rights-management program: run jurisdictional coverage analysis across divergent state laws, apply statutory exemptions, verify requester identity, coordinate legal, IT, HR, and vendor functions, and deploy scoping frameworks, response flowcharts, and cookie consent best practices.

BREAK | 2:00pm – 2:10pm

SESSION 2 – Enforcement And Litigation Landscape, Take Away Lessons, Best Practices | 2:10pm – 3:10pm

Map the enforcement and litigation terrain: where regulators bring claims under CPLs and consumer protection laws, and how plaintiff’s lawyers wield confidential-communications and wiretapping statutes against consumer data practices. Leave with takeaway lessons and best practices to harden your program.