Lisa V. Zivkovic

Dr. Lisa V. Zivkovic advises clients on cutting-edge privacy and cybersecurity issues, particularly as they relate to AI and financial privacy. Dr. Zivkovic has extensive experience counseling clients on global data privacy compliance, data breach response and planning, cyber fraud, data security planning, cross-border data transfers, information management and cloud computing, as well as on government investigations. In recognition of her work, she was selected as an honoree of the American Bar Association’s On the Rise – Top 40 Young Lawyers Award in 2023.

Dr. Zivkovic’s counsel has been sought by a wide range of clients, including companies from the AI, technology, financial services, data aggregation and analytics, automotive and telematics sectors. She also has advised clients on matters involving numerous U.S. and international privacy laws, including the California Consumer Privacy Act, EU General Data Protection Regulation, the Gramm-Leach-Bliley Act, the Federal Trade Commission Act, the Electronic Communications Privacy Act and the Children’s Online Privacy Protection Rule.

Dr. Zivkovic received her Ph.D. on the history of data privacy in the U.S. and Europe, a topic she utilizes in her practice to emphasize the importance of understanding the underlying technology of communication network systems when assessing her clients’ needs. Prior to joining Skadden, she was an associate in the privacy and data security practice of another international law firm.

Representative Cybersecurity, Privacy and AI Matters (prior to joining Skadden)

• implementing global privacy compliance programs, including for one of the world’s largest media and content providers relating to the launch of its ad-based and paid video streaming services (addressing U.S. and Latin American privacy regulations) and for a multinational insurance company (addressing U.S., EU and financial privacy regulations)
• building out a GDPR compliance program for a major multinational technology company in response to a regulatory inquiry by the Commission Nationale de l’Informatique et des Libertes, the French data protection authority
• advising a publicly traded multinational e-commerce platform on its Gramm-Leach-Bliley and U.S. state privacy compliance programs
• advising multinational companies across a range of sectors, including an insurance company, a major technology company and an AI company, on novel privacy and cybersecurity concerns related to the use of AI models in client services
• responding to ransomware and extortion attacks from hackers, which involved extensive regulatory, law enforcement and intelligence investigations across multiple jurisdictions. These representations required analyzing and complying with breach reporting obligations across global data protection regimes on behalf of major global companies, including a cryptocurrency exchange, as well as pharmaceutical, media and insurance corporations
• advising on due diligence of privacy and security risks for some of the most complex technology deals, including for a range of well-known entities that invest and process large amounts of consumer data and AI products
• negotiating data processing agreements for multinational companies in a range of sectors, including for outsourcing deals and inter-affiliate cross-border transfers