Maeve’s practice focuses on privacy and cybersecurity law.

Maeve is an associate with the firm’s global privacy and cybersecurity practice and routinely advises on a broad array of privacy and data security issues. She has extensive experience advising clients on cybersecurity incident response, and regularly assists clients with proactive cyber incident readiness activities. Notably, she has advised on data breach response and notification obligations for several large-scale cybersecurity incidents (including the Yahoo! breaches affecting 3.5 billion user accounts). Maeve also regularly advises clients on developing or enhancing existing global privacy compliance programs to help manage privacy risks.

Maeve is a co-chair of the firm’s veteran’s pro bono program and serves on the pro bono committee of Hunton Andrews Kurth’s New York office. Her active pro bono practice includes providing legal services to veterans, focusing on claims related to military sexual trauma. In addition, Maeve represents undocumented children in immigration court matters, and frequently volunteers with the New York City Bar Justice Center’s Legal Clinic for the Homeless, advocating for clients facing denials and reductions of public benefits.

Relevant Experience

  • Regularly advises clients on all aspects of cybersecurity incident response, including engaging third-party services (such as forensic investigation firms, ransomware specialists, credit monitoring services, PR firms and call centers), preparing breach notifications, managing customer service responses to incident-related inquiries, developing media strategies, and preparing investigative reports.
  • Among other large-scale cybersecurity incidents, assisted a global retail and technology company with a cybersecurity incident affecting approximately 150 million user accounts, handling response efforts including notification and multi-jurisdictional investigations by regulators and data protection authorities.
  • Advised a leading beverage provider on all aspects of a ransomware attack, including the forensic investigation, recovery from the attack, ransomware negotiations, engagement with law enforcement, breach notification, and other internal and external communications strategies.
  • Assists clients with proactive cyber incident readiness activities, such as data breach notification toolkits, tabletop exercises, and incident response plans and procedures (including ransomware procedures).
  • Advises clients on the requirements of, and compliance with, emerging privacy and information security laws (including the California Consumer Privacy Act of 2018, California Privacy Rights Act of 2020 and the Virginia Consumer Data Protection Act).
  • Advises clients on developing or enhancing existing privacy compliance programs, including assessing global legal requirements, developing compliance roadmaps, and drafting or revising policies and procedures such as privacy notices, Acceptable Use policies and Bring Your Own Device (BYOD) policies.
  • Advises clients on managing federal, state and and international regulatory inquiries in connection with alleged data security violations, including FTC and state Attorney General investigations and enforcement actions.
  • Negotiates complex privacy and data security provisions and indemnities contained in vendor agreements.
  • Helps companies design and evaluate privacy impact assessments.
  • Advises clients on cross-border data transfer strategies, including assisting Privacy Shield-certified organizations with understanding their compliance obligations following invalidation of the Privacy Shield by the Court of Justice of the European Union in Schrems II.
  • Develops and enhances comprehensive records management programs.
  • Prepares employee training materials focusing on privacy and data security practices and requirements.
  • Assists with internal investigations of privacy- and data security-related allegations.

Insights