Steve serves as Counsel for Cyber, Data Privacy & Technology at Parker Poe Adams & Bernstein LLP (www.parkerpoe.com), a 300-attorney law firm with offices in 8 cities, including Washington, D.C. and Atlanta, GA. Steve works in the Charleston, S.C. office.
Steve is an experienced software licensing attorney with deep cybersecurity and data privacy expertise. He holds the CIPP/E (Europe) and CIPM (Certified Information Privacy Manager) certifications for data privacy and will soon acquire the new certification for artificial intelligence (Artificial Intelligence Governance Professional).
Steve advises U.S. and international companies on the full range of data protection laws, including GDPR, CCPA, CPRA, the Colorado Privacy Act and the 13 other state data privacy laws, including Washington’s, Nevada’s and Connecticut’s new laws regulating consumer health data. He has done a video on the new E.U. Artificial Intelligence Act and advises on President Biden’s new Executive Order on A.I. and the new FARs relating to cybersecurity, which will be mandatory contract requirements for all DoD and civilian agency contracts.
Steve enjoys operationalizing data privacy programs by conducting data inventories and drafting privacy policies & notices, data subject access requests, opt-in & opt-out consents, employee privacy notices, DPIAs, ROPAs, employee training programs, incident response policies, written information security programs and related documentation. Steve also conducts data privacy due diligence for corporate M&A transactions and provides strategic data management advice to global companies, consulting firms and investors.
With the arrival of artificial intelligence, Steve advises on the wave of new regulations requiring notice of AI-generated content, disclosure of how AI algorithms work and proof that automated processing will not create discriminatory impacts.
Steve’s software expertise includes all forms of software development & licensing, including SaaS, Cloud, data hosting, IT services agreements and data security documentation such as data processing agreements, data security frameworks and compliance with the EU-US Data Privacy Framework.