Tanya L. Forsheit

Forsheit is chair of Frankfurt Kurnit’s nationwide privacy and data security group and the supervising partner of the firm’s Los Angeles office. She founded and is the immediate past chair of the Los Angeles County Bar Association’s privacy and cybersecurity section, and she teaches privacy and cybersecurity law as a Loyola Law School adjunct professor. Since March 2020 she has served on Frankfurt Kurnit’s policy committee.

From 2009 to 2014, she helmed her own virtual firm, InfoLawGroup LLP, with partners across the country, so she’s used to working remotely. “But I haven’t been into our Frankfurt Kurnit offices in Century City since this [pandemic] began, and I miss it,” she said. “One good thing is that even before, we were moving to a different floor, so construction can proceed while we are all away. Now, the contractors send us photos as they work.”

In 2016, Forsheit moved to Frankfurt Kurnit from a partnership at Baker & Hostetler LLP, where she practiced privacy compliance, due diligence and regulatory law.

She traces the rise of privacy law as a niche in the legal profession from 2003, when California passed a data security breach notification law. “Until then, notification of data losses was confined to certain sectors, like financial services and HIPAA in the health care industry. But California suddenly created a whole new need for data security and for dealing with the consequences of breaches. Before then, it really wasn’t cool to be a privacy lawyer.” Then, in 2013, the massive Target Corp. data breach transformed that view and put privacy on the map as a key element in counseling corporate clients.

Forsheit said Frankfurt Kurnit recruited her soon after several New York partners launched its Los Angeles offices. “I was the first Los Angeles-based partner, and I immediately found that this firm brings together all the right synergies for me in the realms of advertising, entertainment and media law.”

In her role at the firm she serves as regular outside privacy counsel to numerous national and multinational companies and trade associations, including the News Media Alliance, Dunkin’ Brands, and TaskRabbit. She has assisted hundreds of organizations with understanding and implementing the compliance requirements of the California Consumer Privacy Act and the EU General Data Protection Regulation. She has testified before the Assembly’s privacy committee regarding the CCPA, potential amendments, and draft regulations. And she has filed comments with the California attorney general on behalf of multiple trade associations with respect to the CCPA draft regulations.

A long-term goal is for the U.S. to achieve a federal privacy law. “It should be closer to the European model, and it would save us from having to navigate a patchwork of 50 states’ individual statutes,” Forsheit said. “Now, of course, we sare looking to the changes that Proposition 24 may bring.”

— John Roemer