Kyle Kessler draws on her in-house and outside counsel experience to advise national and international companies across industries on transactional and regulatory compliance, focusing on privacy, cybersecurity, and consumer protection. A certified privacy professional with a marketing communications and public relations background, clients turn to her for counsel that blends practical business solutions with effective legal strategies.

Together with her clients, Kyle develops comprehensive privacy and security compliance programs and policies that meet their obligations internationally (e.g., GDPR) and under U.S. federal (e.g., CAN-SPAM, COPPA, HIPAA, FTC, TCPA) and state laws (e.g., CCPA, CPRA, MHMD). That experience encompasses:

  • Privacy and Cybersecurity: Counsel on complex issues relating to data collection and processing, online tracking technologies, biometric and consumer health laws, AI systems, multinational regulations, privacy-by-design processes, proactive and post-breach counseling, and corporate governance.

  • Compliance: General privacy audits of consumer-facing programs and development of internal and external privacy policies and compliance programs, including risk assessments, data mapping, and responding to regulator requests and investigations.

  • Sales: Review and counsel regarding print advertisements, product placement and media agreements; payment processing; loyalty, awards, and promotions; and federal regulations affecting brick-and-mortar and online businesses.

  • Consumer Protection: Promotions and customer-facing programs, including price comparisons, rewards programs, contests, and sweepstakes; asset review (e.g., related direct mail, in-store assets, websites, and banner advertisements); SMS text messaging (B2B and B2C).

  • Marketing: Marketing and advertising matters, with a focus on influencer programming and disclosure frameworks that comply with relevant regulations.

Kyle also conducts diligence activities for corporate transactions and regularly advises tech companies and startups on the funding lifecycle and corporate compliance post-closing related to privacy and cybersecurity.

Before private practice, Kyle was an in-house attorney at a multinational fast-fashion retailer, where she gained experience in data protection, incident response, unfair and deceptive trade practices, retail laws, and consumer protection matters.

Professional & Civic Engagement

  • International Association of Privacy Professionals (IAPP)

  • LGBT Bar Association of Los Angeles

  • Women in Security and Privacy (WISP)

  • Southwestern Law School, Adjunct Professor – Information Privacy Law, 2018-Present

  • Leadership Council on Legal Diversity, Pathfinder Program, 2022

  • Coalition to Abolish Slavery & Trafficking (CAST), Volunteer Emergency Response, 2016-2017

Certifications

  • International Association of Privacy Professionals, Certified Information Privacy Professional/Europe (CIPP/E)

Publications and Presentations

  • Co-Author, “Nevada and Washington Consumer Health Privacy Laws Take Effect March 31,” Orrick Insights, March 29, 2024

  • Co-Author, “Confidentiality of Substance Use Disorder Patient Records: What to Know About Updates to Part 2,” Orrick Insights, February 15, 2024

  • Co-Author, “California’s Delete Act: 5 Things to Know,” Orrick Insights, October 19, 2023
  • Co-Presenter, “Health Data,” Association of Corporate Counsel Webinar, August 22, 2023

  • Co-Author, “The Consumer Health Data Amendments to the Connecticut Data Privacy Act: Six Things to Know,” Orrick Insights, July 24, 2023

  • Co-Author, “Nevada’s New Consumer Health Data Privacy Law: 6 Things to Know,” Orrick Insights, July 13, 2023

  • Co-Author, “Managing AI Risk: 3 Laws Companies Using Consumer Data for AI Development Need to Know,” Orrick Insights, May 16, 2023
  • Co-Presenter, “And Then There Were Six: Iowa Becomes Sixth State to Pass New Privacy Law,” Webinar, March 31, 2023

  • Co-Author, “What Healthcare Companies Need to Know and Do About Ad Tracking Technologies,” Orrick Insights, March 14, 2023

  • Co-Author, “6 Things to Know About Washington’s My Health My Data Law,” Orrick Insights, May 9, 2023
  • Co-Presenter, “U.S. State Consumer Privacy Laws,” Webinar, October 19, 2022
  • Moderator, “Workplace Diversity, Equity, and Inclusion: Considerations from Across Organizational, Employment, and Data Privacy and Security Perspectives - Sponsored by Intel,” Lavender Law® Conference, July 28, 2022

  • Co-Author, “The Next Frontier of the Fight for Abortion Rights Is Privacy Law | Opinion,” Newsweek, July 27, 2022

  • Co-Author, “Top 10 Action Items for 2021: The California Privacy Rights Act,” Orrick Insights, February 8, 2021
  • Co-Presenter, “California Consumer Privacy Act: What Lies Ahead?” Global Cyber Institute and Thomson Reuters Webinar, April 16, 2020

  • Co-Presenter, “The California Consumer Privacy Act: It’s Not Too Late to Get Started!” Webinar, November 21, 2019

  • Co-Author, “Nevada Passes Opt-Out Law, Effective October 2019 – Three Months Before the CCPA,” Orrick Insights, June 10, 2019

  • Co-Author, “Putting Individuals In The (Urth)Box: FTC Goes After Individual Executives For Unfair And Deceptive Practices,” Orrick Insights, May 29, 2019

  • Co-Author, “2019 IAPP Global Privacy Summit: Lessons from GDPR, Plans for CCPA and the Future of U.S. Privacy Law,” Orrick Insights, May 17, 2019

  • Co-Author, “California Sets the Standard With a New IoT Law,” The Journal of Robotics, Artificial Intelligence & Law, Volume 2, No. 3, May 1, 2019

  • Co-Author, “California Sets the Standard With a New IoT Law,” Orrick Insights, November 15, 2018
  • Co-Author, “Making Your Head Spin: ‘Clean Up’ Bill Amends the California Consumer Privacy Act, Delaying Enforcement But Making Class Litigation Even MORE Likely,” Orrick Insights, September 5, 2018