Our Website Uses Cookies
We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.
For more information, please contact us or consult our Privacy Notice.
Your binder contains too many pages, the maximum is 40.
We are unable to add this page to your binder, please try again later.
This page has been added to your binder.
Alexandra Scott advises clients on a wide range of privacy and cybersecurity issues.
Ms. Scott regularly assists clients with privacy issues before legislatures and enforcement agencies. In her legislative work, she helps clients strategically engage with policymakers during the drafting and amendment process to make their voices heard. Ms. Scott also proactively counsels clients on the substantive requirements introduced by new laws, as well as how to navigate the patchwork of existing privacy obligations. She also represents clients in responding to informal investigations and enforcement actions from federal and state regulators.
Ms. Scott also has experience representing clients in responding to a wide range of cybersecurity incidents, including advanced persistent threats targeting personal and financial information. Her practice includes assisting clients in strategically engaging with regulators who propose new cybersecurity principles, assessing breach notification obligations, and engaging with regulators in the wake of an incident.
- Advises companies on state privacy law obligations, including those introduced by the California Privacy Rights Act.
- Assisted clients engaging with state legislatures on new privacy proposals, including by drafting comments and talking points on their behalf.
- Represents multiple companies in responding to data and cybersecurity incidents, including attacks by Advanced Persistent Threats targeting personal and financial information.
- Represented clients before state regulators in matters related to data security incidents.
- Representing a client before the Federal Trade Commission in a privacy and cybersecurity enforcement action.
- Provides ongoing privacy and data protection advice to a number of companies; including on terms of use and privacy policies, and how to comply with state data breach notification laws.
- Counsels companies on privacy and cybersecurity due diligence issues in connection with major corporate transactions.
- Conducted privacy audit of global social media applications and data retention audit of enterprise mobility application.
- Advised global technology companies on the California Consumer Privacy Act, including how companies can leverage existing global procedures to comply with that legislation.
- Counseled television journalists on privacy, defamation, copyright, and newsgathering issues.
- Advised a large multi-faceted media company on compliance with advertising laws.
Pro Bono
- Represented military veteran in CAVC proceedings.
- Represents juvenile in immigration proceedings.
- Represents petitioner in state clemency proceedings.
- Represented domestic violence victim in restraining order proceedings.
- Draft comments on behalf of non-profit in rulemaking procedure regarding biometric data.
Previous Experience
- Hon. Stephen J. Reinhardt, Ninth Circuit Court of Appeals, Judicial Extern
March 18, 2021, Inside Privacy
The five members of the California Privacy Protection Agency (“CPPA”) were announced today. The members – who were appointed by Governor Newsom, Attorney General Becerra, Senate President pro Tempore Atkins, and Assembly Speaker Rendon – will lead the new agency, which will have rulemaking and enforcement authority under the California Privacy Rights Act ...
February 26, 2021, Inside Privacy
Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. In the high-level chart below, we compare five of the key state privacy frameworks: the CPRA, VCDPA (which we blogged ...
January 21, 2021, Inside Privacy
Washington State Hearing on Latest Privacy Bill Highlights Competing Interests For Best Practices and Data Minimization On January 14, 2020, Washington’s State Senate Committee on Environment, Energy & Technology received public testimony about Senate Bill 5062, the “Washington Privacy Act.” Representatives from trade associations, the Attorney General’s ...
CPRA: Challenges for Updating Your Privacy Program … Again
January 19, 2021, IAPP Privacy Education Webinar
January 5, 2021, Inside Privacy
Last year, Californians passed proposition 24, also known as the California Privacy Rights Act (“CPRA”). That law makes several changes to the California Consumer Privacy Act (“CCPA”), including some that relate to an organization’s cybersecurity practices. So, as you begin to prepare your organization’s CPRA compliance strategy, keep in mind the following ...
December 21, 2020, Inside Privacy
As the year comes to a close, a reminder that the California Consumer Privacy Act requires companies to update their privacy policies annually. Consequently, as you get ready to spread the holiday cheer, make sure your privacy policy gets some attention as well.… Continue Reading
December 11, 2020, Inside Privacy
Yesterday, the California Attorney General (“AG”) proposed a fourth set of modifications to the California Consumer Privacy Act regulations. These modifications build on the third set of proposed regulations released by the AG in October, which we discussed here. Interested parties have until December 28 to submit comments in response. The proposed modifications ...
Trust & Safety: Do Privacy Laws Limit Our Ability to Protect Player Safety?
December 10, 2020, 2020 Video Game Associations Global Summit
November 5, 2020, Inside Privacy
Voters in California approved Proposition 24, which updates the California Consumer Privacy Act (“CCPA”) just a few months after the landmark regulations implementing the privacy law went into effect. As we have previously explained, the California Privacy Rights Act (“CPRA”) will change the existing CCPA requirements in a number of ways, including limiting the ...
September 25, 2020
WASHINGTON—Covington represented leading defense contractor Amentum on government contracts and other regulatory matters in its just-announced deal to acquire DynCorp International, a worldwide leader in aviation and logistics support service. Together, the two companies will create one of the largest providers of mission critical support services. The ...
August 18, 2020, Inside Privacy
Two developments in the past week will likely have a significant impact on businesses subject to the California Consumer Privacy Act (“CCPA”): the long-awaited CCPA regulations have been finalized and put into immediate effect with modifications, while at the same time it seems increasingly likely that the exemptions for employees’ and business-to-business ...
July 22, 2020, Inside Privacy
On July 17, 2020, the High-Level Expert Group on Artificial Intelligence set up by the European Commission (“AI HLEG”) published The Assessment List for Trustworthy Artificial Intelligence (“Assessment List”). The purpose of the Assessment List is to help companies identify the risks of AI systems they develop, deploy or procure, and implement appropriate ...
June 22, 2020, Covington Alert
On June 1, California Attorney General Xavier Becerra announced that he has submitted to the Office of Administrative Law the final regulations implementing the California Consumer Privacy Act (“CCPA”). While the final regulations do not make any changes to the second modified version of the regulations released in March, the commentary released by the Attorney ...
May 22, 2020, Inside Privacy
On May 5th, 2020, the California Assembly Committee on Privacy and Consumer Protection held a hearing and considered AB 2811, a bill that would amend existing California law governing automatic renewals. As currently drafted, AB 2811 would: require businesses to provide 3-7 days’ notice explaining how to cancel an automatic renewal offer or continuous ...
IAPP: 'Sale' Under CCPA May Not Be as Scary as You Think
October 29, 2019
As the effective date of the California Consumer Privacy Act looms closer, companies are grappling with the significance of the law and its definitions. One defined term in particular, “sale,” has sparked heated debate between industry and consumer advocates, and even within the legal profession. While much has been said about this term, more needs to be said. ...
October 11, 2019, Covington Alert
On October 10, 2019, California state attorney general Xavier Becerra announced the release of proposed implementing regulations concerning the California Consumer Privacy Act (CCPA). Interested stakeholders can submit written comments until December 6, 2019 at 5 PM (Pacific Time). In addition, four public hearings will be held on December 2nd (Sacramento), ...
September 27, 2019, Covington Alert
Real estate developer Alastair Mactaggart is making news with the announcement of another privacy ballot initiative, the California Privacy Rights and Enforcement Act (“CPREA”). He intends to include his new initiative on the November 2020 ballot.
Privacy and Data Security for Startups
March 12, 2019, Startup@BerkeleyLaw Founders
Key Issues Under the Evolving Privacy Frameworks of China, The US and the EU: Artificial Intelligence, Facial Recognition, and the Definition of Privacy Harms: An Invitation-Only Roundtable
February 28, 2019, Berkeley Center for Law and Technology

California Consumer Privacy Act (CCPA)
We are representing clients on California Consumer Privacy Act (CCPA) compliance, including in the legislative amendment and rulemaking proceedings associated with the CCPA and in developing working plans to come into compliance with the CCPA.