Morrison & Foerster has hired the head of Proskauer’s privacy & cybersecurity group to join its growing privacy and data security practice.

Kristen Mathews, a veteran of cybersecurity law, has joined MoFo as a partner in its New York office. Her move is the latest in a string of recent lateral hires in that office— seven other new partners have joined in the last year.

Mathews’ experience includes advising clients on the California Consumer Privacy Act, which was passed in 2018, and the General Data Protection Regulation, a recently implemented European Union law that has reshaped the privacy law landscape around the world.

She also advises clients on how to protect data in M&A deals and how to prepare for and respond to cybersecurity breaches.

“Kristen will further help us meet the rapidly growing global demand for our counsel on privacy and data security matters,” Miriam Wugmeister, co-chair of Morrison & Foerster’s global privacy and data security group, said in a statement. “Her broad practice will be invaluable to our clients as they navigate increasingly complex legal demands and challenges.”

Mathews said she decided to join MoFo’s privacy group, which has over 60 lawyers, because of its deep bench. “I can sit in a conference room with a whole host of other partners who are reading the same nooks and crannies of the law, and we’re working as a team,” she said. “That is a huge benefit.”

Mathews is the eighth lateral partner to join MoFo within the last year. Others have included finance partner Jonathan Jacobs, who came from Riemer and Braunstein in February, and executive compensation partners Ann Becchina and Ron Aizen who came from Davis Polk & Wardwell in January.

Longtime Practitioner

As an early entrant into the field of privacy and cybersecurity law, Mathews has seen a lot of change. When she started her work, she said, firms didn’t have privacy practices.

Mathews began her legal career in 1998 at Brown Raysman Millstein Felder & Steiner, which later became Thelen Reid Brown Raysman & Steiner. She became partner there and then moved to Proskauer in 2008, shortly before Thelen dissolved.

“In the beginning of my practice, privacy was not really a big priority of clients, because they had not yet really experienced a downside,” she said. “They could see it was important intellectually, but they weren’t seeing actual monetary or reputational downside.”

Since then, data protection has become a concern of companies in nearly every industry, she noted.

Mathews’ interest in data privacy began even before she went to law school, while she was an undergraduate at Washington University in St. Louis.

She recalled that back then one of the big legal questions around privacy was about encryption and whether or not it should be legally mandated. “There was a lot of controversy over that, because if the government were to mandate that everything was encrypted, the government would have a key to it,” she said.

As a leader in student government during her undergrad years, Mathews helped organize a campus debate between representatives of the government and a privacy industry group.

At Boston College Law School, she co-founded the Intellectual Property and Technology Forum, which published articles on emerging legal issues in the field.

With her current work on the GDPR, Mathews’ career has in some ways come full circle.

She entered the data privacy field just as the European Union’s Data Protection Directive, a predecessor to GDPR, was coming into effect. “One of my first assignments was to help create a book that was basically everything you need to know about the privacy directive, and it was made for one of our biggest clients at the time,” she said.