Lei Shen

Lei advises clients on a wide range of global data privacy issues and works collaboratively to develop practical privacy and data protection strategies for their products and services. She helps companies navigate and comply with state, federal and international privacy regulations including the California Consumer Privacy Act (CCPA) and other state consumer data protection laws. She also advises on issues concerning emerging technologies, such as telematics, connected products and services (including connected and autonomous vehicles), and AI.

Lei has extensive experience working with companies across many industries to develop internal and external privacy policies and programs, including global policies and programs for companies that operate in dozens of jurisdictions internationally. She also helps companies create privacy-related terms and playbooks for customer and vendor agreements. 

Lei has been accredited by the International Association of Privacy Professionals (IAPP) as a Certified Information Privacy Professional/United States (CIPP/US) for over 10 years. She was named to Global Data Review’s “40 Under 40” list for top data lawyers from around the world. Lei frequently speaks and writes on data privacy-related topics. 

Prior to joining Cooley, Lei was a partner at Mayer Brown.

Select Speaking Engagements

• “AI: Biometric and Facial Recognition," ACC NYC Licensing, IP and Technology, July 13, 2022
• “Privacy and Cybersecurity: Governance, Oversight, and Third-Party Risk,” PLI Privacy and Cybersecurity Law Institute, June 6-7, 2022
• “Data in Society,” Northwestern Law School, October 23, 2021
• “Privacy and Data Security Issues in Outsourcing,” PLI Outsourcing 2021: Innovation and Disruption, October 22, 2021
• “Privacy and Data Security: Governance and Transactions,” PLI Institute on Privacy and Cybersecurity (Twenty-Second Annual), June 9, 2021
• “CCPA and CPRA — An Update,” IRES National School on Market Regulation 2021, March 24, 2021
• “CCPA v2 — What You Need to Know about the New California Privacy Rights Act (CPRA),” Asia Video Industry Association (AVIA), January 13, 2021
• “Third Party and Vendor Privacy,” PLI Fundamentals of Privacy Law 2020, December 14, 2020
• “Privacy and Data Security Issues in Outsourcing,” PLI Outsourcing 2020: Innovation and Disruption, October 28-29, 2020
• “Are You Ready for California’s New Data Privacy Law?” NAREIM Legal & Compliance Meeting, November 21, 2019, Chicago, IL
• “Privacy for Connected Vehicles,” Auto-ISAC 2019 Summit, October 23, 2019, Plano, TX
• “Preparing for the California Consumer Privacy Act (CCPA): What You Need to Know and Do Now,” American Land Title Association (ALTA) Webinar, October 10, 2019
• “Managing Cyber and Privacy Risk in Third-Party Contracts,” PLI Institute on Privacy and Cybersecurity (Twentieth Annual), June 4, 2019, Chicago, IL
• “Privacy, GDPR, Security – Local and Global Landmines Abound,” National Society of Compliance Professionals (NSCP) 2019 Spring Conference, April 20, 2019, Chicago, IL
• “Data Privacy,” Seyen Capital SCENES 2019 Conference, April 2, 2019, Chicago, IL
• “Privacy and Data Security Issues,” PLI Outsourcing 2018: ITO, BPO and Cloud, November 1-2, 2018, New York, NY
• “What Clients Want: Cybersecurity Requirements You Never Dreamed Of,” American Bar Association Webinar, October 17, 2018
• “Privacy and Data Security Issues,” PLI Outsourcing 2018: ITO, BPO and Cloud, October 1-2, 2018, Chicago, IL 
• “Hot Topics in M&A,” American Bar Association’s 2018 CLE in the City, August 2, 2018, Chicago, IL
• “GDPR Triage: In the Midst of 10,000 Contracts to Review, Picking the Spots to Mitigate the Biggest Risks,” Corporate Counsel Presents: 18th Annual SuperConference, May 22-23, 2018, Chicago, IL
• “Preparing Your Vendor Agreements for the GDPR,” American Bar Association Webinar, January 31, 2018
• “Vendor Agreements and the New EU GDPR – Steps to Take Now,” Strafford Webinar, January 30, 2018
• “GDPR for Mostly U.S. Organizations,” Illinois State Bar Association Seminar, January 11, 2018, Chicago, IL
• “Preparing Your Vendor Agreements for the GDPR,” Sourcing Industry Group (SIG) Webinar, October 24, 2017
• “General Data Protection Regulation: It's Coming... Are You Ready?” Worldwide ERC - Global Workforce Symposium, September 27-29, 2017, Chicago, IL