Travis LeBlanc

Travis co-chairs Cooley’s global cyber/data/privacy practice. He is a top authority on cybersecurity, data privacy, telecommunications, and the regulation of emerging and innovative technologies. Drawing on his broad experience in federal and state government, he helps clients manage regulatory and litigation risk, as well as strategically respond to data breaches, cyberattacks, nation-state attacks, dissemination of stolen data, misinformation campaigns and government enforcement efforts, including those by the Federal Trade Commission (FTC), Federal Communications Commission (FCC) and state attorneys general.

In addition to advising boards of directors and senior corporate officers on crisis management, internal investigations, information governance and national security matters, Travis counsels clients on antitrust investigations, telecommunications strategies and regulatory enforcement responses. The respect and skills Travis has earned during his career have translated into appointments across the political spectrum, including his selection by the US Department of Commerce and the European Commission to serve as an arbitrator for the EU-US Privacy Shield Framework, and his unanimous US Senate confirmation to the US Privacy and Civil Liberties Oversight Board.

With his broad understanding of technology, media and telecommunications, as well as his senior government experience at the national and state levels, Travis is uniquely positioned to advise and represent clients in litigation on a range of data privacy, cybersecurity and information management issues, including data breaches, class actions and government enforcement actions. Travis has assisted clients with federal and state telecommunications needs, including FCC proceedings and regulations and merger reviews. He has worked with Congress and other regulatory agencies on behalf of clients, and advocated for emerging and established technology companies before regulatory bodies. He also has worked closely with senior officials at other federal, state and international agencies, including the FTC, US Securities and Exchange Commission (SEC), Consumer Financial Protection Bureau (CFPB), Department of Justice (DOJ), all 50 state attorneys general, and data protection authorities (DPAs) across the globe. His deep understanding of the regulatory and legal landscapes helps Travis strategically respond to and favorably resolve government inquiries and legal disputes.

Travis currently serves on the US Privacy and Civil Liberties Oversight Board, a position he has held since 2019 after being nominated by then-President Donald Trump and confirmed by the Senate. Travis was renominated to the board by President Joe Biden in 2022. As former chief of the FCC’s Enforcement Bureau during the Obama administration, Travis spearheaded hundreds of enforcement actions involving consumer issues, such as false advertising and the Telephone Consumer Protection Act (TCPA), unfair competition, regulatory compliance, and fraud, waste and abuse of government programs.

Travis previously served as a senior adviser to former California Attorney General (now Vice President) Kamala Harris and as special assistant attorney general of California, where he oversaw the state’s complex policy and litigation in areas including technology regulation, high-tech crime, cybersecurity, privacy, intellectual property, antitrust, healthcare, telecommunications and human trafficking. Prior to this high-profile California role, he served during the Obama administration as an attorney in the DOJ’s Office of Legal Counsel, which advises the president, attorney general and executive branch agencies on the constitutionality and legality of US government programs and activities.

Travis’ background and leadership roles, as well as his practice at leading law firms, have translated into advising clients – both nationally and globally – on responding to and finding solutions for novel local, state, federal and cross-border issues. He also has represented companies, boards, founders, CEOs, executives and other prominent individuals in a diverse array of complex and bet-the-company civil litigation, government investigations and advisory matters.

Travis’ notable representative experience includes:

• Serving as general privacy and security counsel to a leading technology company that innovates in the areas of education, science, justice and opportunity
• Representing a multinational group of software companies in an investigation by the California attorney general into the group’s compliance with the California Consumer Privacy Act (CCPA)
• Advising numerous public and private companies data privacy compliance and transactional risk

• Advising the board and senior officers of Foot Locker on cyber preparedness
• Serving as outside counsel to the cyber risk committee of a major public company
• Representing a major global law firm as outside cybersecurity counsel
• Counseling public company clients on the SEC’s cybersecurity guidelines and proposed roles

• Representing the State Bar of California in connection with a high-profile data breach
• Representing a multinational technology company in connection with a cyberattack, ransom negotiations, and global notifications
• Representing a major defense contractor in response to a former employee who exfiltrated a large amount of financial data outside of the company
• Counseling numerous clients through data breaches, ransomware events, business email compromises and other cyberattacks

• Representing a high-profile celebrity in connection with the FTC’s compliance guidelines for social media influencers
• Representing Tapjoy in an FTC investigation of mobile advertising practices in connection with virtual rewards
• Representing an online dating application in an FTC and state attorney general investigation relating to privacy and data security
• Representing a videoconferencing service provider in FTC, state attorneys general and international regulatory investigations concerning the company’s privacy and security practices
• Representing a top on-demand mobile application company in an FTC investigation involving a data breach
• Representing a social media company in a state attorney general investigation of children’s privacy in relation to the Children’s Online Privacy Protection Act (COPPA)
• Representing a multichannel video programming distributor in connection with a multistate antitrust merger review by 20 state attorneys general
• Representing a fintech company in connection with a California attorney general investigation of data privacy and security practices
• Representing an online gaming company in connection with a California attorney general investigation of online gambling
• Defending a leading customer engagement platform against an FTC and Washington attorney general investigation into the company’s policies and practices related to Apple’s AppTracking Transparency framework and compliance with COPPA requirements

• Defending Chegg in mass arbitration litigation arising from a 2018 data breach impacting 40 million users
• Defending FabFitFun in a class action lawsuit arising from a breach of credential and payment card information
• Representing Marsh McLennan in a class action lawsuit filed in the Southern District of New York arising out of a cyberattack
• Representing a prominent global business figure in a national security investigation and litigation arising from a nation-state cyberattack and resulting misinformation campaign
• Defending a data analytics company against a putative class action resulting from an exposure of millions of voter records by a cybersecurity researcher, successfully securing the lawsuit’s dismissal

• Representing DraftKings in litigation seeking to unmask and punish parties linked to a distributed denial-of-service (DDoS) attack on its website
• Representing Facebook and WhatsApp in a lawsuit against Israeli cyber-intelligence firm NSO Group alleging that NSO exploited a vulnerability in the encrypted messaging app to infect more than 1,400 phones with malware
• Representing an online real estate technology company in litigation seeking to identify parties who unlawfully distributed the company’s confidential information
• Advising a gig economy online delivery service in an investigation of users who were cheating to secure in-demand assignments
• Representing Prodege in John Doe litigation against an anonymous individual harassing Prodege employees online

• Defending Coinbase in class action litigation arising from an online sweepstakes related to cryptocurrency
• Defending a high-profile celebrity in a class action involving the promotion of cryptocurrency through social media

• Supporting several clients in responding to and defending against TCPA demands
• Representing T-Mobile before state attorney general and public utilities commissions in its merger with Sprint
• Representing a global light-emitting diode (LED) manufacturer in an FCC enforcement investigation
• Representing a counter-unmanned aerial systems manufacturer company in an FCC regulatory investigation
• Representing a broadcasting company in a financing dispute with another broadcaster and a financial institution

Publications and presentations

• Panelist for “Closing Session and Privacy Predictions for 2023,” SPOKES Privacy Technology Conference Summer 2022, June 23, 2022
• Speaker at “DC Fly-In Virtual Fireside Chat,” Interactive Advertising Board, June 15, 2022
• Panelist for “Incident Response Panel: Ransomware Attacks,” Incident Response Forum Masterclass 2022, April 21, 2022
• Speaker at “Stanford Cybersecurity Law: A View From the Front Lines,” Stanford Cyber Policy Center session, April 7, 2022
• Panelist for “Finding Your Flow as a Global Organization: Avoiding Pitfalls and Navigating the Dynamic Environment of International Expansion,” TechGC 2022 DeputyGC National Summit, March 17, 2022
• Panelist for “The Colonial Pipeline Data Breach – A Case Study,” American Bar Association Criminal Justice Section’s 37th National Institute on White Collar Crime, March 3, 2022
• Panelist for “Ransomware 2.0: Responding to Exfiltration/Name and Shame,” Incident Response Forum Ransomware 2022, January 13, 2022
• Panelist for “Privacy Best Practices and Recent Regulatory Developments,” World Bank Data Privacy Day 2022 virtual event, January 27, 2022
• Speaker at the 45th Annual IP Institute: Shifting Tides – Intellectual Property in a Changing World, California Lawyers Association, November 9, 2021
• Panelist for “National Security and Privacy: Recent Developments and Emerging Challenges,” SPOKES Privacy Conference Summer 2021, June 29, 2021
• Speaker at “International Data Flows Post Schrems-II: What to Expect and What to Forget,” Trustarc Privacy Risk Summit, March 10, 2021
• Panelist for “Systematic Bias: AI as Cause and Cure,” American Bar Association Section of Science & Technology Law Artificial Intelligence and Robotics National Institute, October 7, 2020
• Speaker on summit session keynote panel, “CCPA Enforcement: Enter the AG,” International Association of Privacy Professionals (IAPP) Summit 2020, July 9, 2020
• Speaker on “NSA, FBI, the State of Surveillance and a Career in Cyber/Privacy: Conversation With Travis Leblanc ’03,” Yale Law School event, December 3, 2019
• Moderator for “What In-House Counsel Expects of Its Outside Counsel With Respect to Cybersecurity,” Fourth National Institute on Cybersecurity and Data Protection: A Law Firm’s Responsibility in Managing Data Risk, June 20, 2019
• Interviewer for a keynote discussion with Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), Georgetown Cybersecurity Law Institute, May 22, 2019
• Panelist for “Understanding the CCPA – How Enforcement Will Work: Private and Regulatory Action,” IAPP Global Privacy Summit, May 1, 2019
• Speaker at the AI and data privacy workshop, European Conference 2019 at Harvard, March 9, 2019
• Panelist for “Hear From the Regulators: Enforcement of the California Consumer Privacy Act Through Private and Regulatory Action,” RSA Conference USA 2019, March 4, 2019 

Recognitions

• Chambers USA: Privacy & Data Security
• The Legal 500 US: Dispute Resolution – General Commercial Disputes
• The Legal 500 US: Telecoms and Broadcast – Regulatory and Transactions
• Cybersecurity Docket: Incident Response 30 (list of the 30 best and brightest data breach response lawyers)
• The Daily Journal: Top Cyber Lawyer
• The Daily Journal: Top 100 Lawyers in California
• The National Law Journal: Cybersecurity & Data Privacy Trailblazer

Government Service

• US Privacy and Civil Liberties Oversight Board, Board member
• EU-US Privacy Shield Framework, Arbitrator
• FCC Enforcement Bureau, Chief
• California DOJ, Special assistant attorney general
• US DOJ’s Office of Legal Counsel, Attorney adviser
• US Court of Appeals for the Ninth Circuit, Appellate lawyer representative 

Clerkships

• Judge Stephen Reinhardt, US Court of Appeals for the Ninth Circuit