Matthew R. Baker

Practice Group Chair - Privacy & Cybersecurity Partner

Matthew Baker

San Francisco

P: +1.415.291.6213
F: +1.415.291.6313

Matthew's cross-disciplinary practice focuses on data privacy, cybersecurity, crisis management, and incident response for a broad range of industries. He is well-versed in multi-jurisdictional privacy compliance; cyber risk identification, mitigation, and response strategies; complex information governance and data management issues; and cross-border electronic discovery. His diverse experience at the intersection of litigation, informational and operational technology, and data management enables him to provide clients with comprehensive business-oriented counsel proactively and in real time.

Matthew routinely counsels clients on considerations arising under a wide range of domestic and international privacy and security laws, standards, and best practices. Such frameworks and standards include the California Consumer Privacy Act of 2018 (CCPA), the Illinois Biometric Information Privacy Act (BIPA), the EU's General Protection Data Regulation (GDPR), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and Brazil's General Data Protection Act (LGPD), as well as regulatory guidance and international standards relating to privacy and security, such as NIST or ISO standards.

In addition, Matthew has managed dozens of cyber and privacy incidents for multi-national companies through all aspects of investigation, remediation, notification, regulatory engagement, and litigation. With his keen awareness of the enforcement landscape, Matthew assists clients with incident and crisis response preparedness. As part of this, Matthew works hand-in-hand with clients to develop tabletop exercises, simulations and drills for individuals in a variety of roles to help identify and address gaps in procedures and protocols for emergent situations.

Matthew is a certified privacy and information management specialist, including as a: Certified Privacy Program Manager (CIPM); Certified Information Privacy Professional - U.S. (CIPP/US); and Certified Information Privacy Professional - Europe (CIPP/E).

Prior to joining the firm, Matthew represented clients in complex criminal and commercial litigation matters throughout all phases of regulatory investigations, trial and appellate proceedings, with a focus on environmental and energy-related litigation. During law school, Matthew served as a law clerk for the U.S. Attorney's Office for the Southern District of California.

+ View More