Data Privacy & Cybersecurity Compliance Attorney
Antonia is an attorney with experience at the intersection of data privacy, cybersecurity, and technology. She counsels clients on domestic and international data privacy and cybersecurity laws and challenges, working with clients to strategize in business growth and opportunities. She has experience collaborating with companies across a variety of industries and sectors including banking, manufacturing, healthcare, pharmaceuticals, marketing, entertainment, and retail. She leverages this experience to partner with a wide variety of stakeholders, including executives, in-house counsel, and key business units (e.g., information security/technology, human resources, and marketing departments), to identify potential vulnerabilities and liabilities in their policies and procedures and works to mitigate legal risk using practical, cost-effective solutions.
She also works with clients to build customized comprehensive compliance programs mapping cybersecurity controls and frameworks, such as the National Institutes of Standard and Technology and International Standards Organization frameworks with current global privacy and cybersecurity regulations. Antonia provides counsel to clients on international privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR), Canada’s Personal Information Protection, and Electronic Documents Act (PIPEDA), as well as domestic privacy laws, such as the California Consumer Privacy Act (CCPA), and biometric laws, such as the Illinois Biometric Information Privacy Act (BIPA). She works with clients to address emerging state privacy laws as well as emerging technology, including Artificial Intelligence, Blockchain and advertising technology (AdTech) for digital and targeted advertising. She performs detailed reviews of websites, e-commerce platforms, and mobile applications for privacy compliance and to identify key areas of risk such as deficiencies in privacy notices and consent mechanisms (e.g., cookie consent banners) and accessibility issues for American with Disabilities Act (ADA) compliance.
In addition to her compliance work, Antonia provides insight and experience within Beckage’s incident response and litigation practices. She is versed in a variety of consumer protection laws, including the Telephone Consumer Protection Act (TCPA), the Federal Trade Commission’s Act, and other related regulatory regimes. She uses her experience in developing and implementing incident response, breach notification, and business continuity plans to assist clients with coordinating efforts to address security and privacy events both domestically and internationally.
Prior to joining Beckage, Antonia worked at a boutique law firm, focusing much of her practice on privacy compliance for clients in emerging technology, media, entertainment, and retail, including industry-driven privacy obligations (e.g., Apple’s Privacy Labels for mobile applications). She also has pre-legal and practical experience in other areas such as marketing and project management (including development of marketing strategies and materials, website design and development, managing customized software development projects, and installation of smart devices and building automation systems). Leveraging her experience in technology, she counsels clients on privacy related issues emerging from marketing activities through websites, e-commerce platforms, mobile applications, email marketing and telephone communications and texting.
Outside of her legal practice, Antonia is passionate about people and community involvement, both in a professional and personal capacity. She supports and encourages global and diverse perspectives and organizations. She contributes her own global perspective from living and working abroad and she is fluent in English and Spanish. She has participated in charitable work with the American Red Cross Disaster Relief Program, Pennsylvania Bar Association’s Wills for Heroes, and HIAS Pennsylvania’s Citizenship Day (assisting Spanish-speaking applicants). She volunteers to mentor young students interested in cyber and STEM and college students seeking a legal education (particularly those from diverse backgrounds and low socioeconomic status). She enjoys being an active participant in discussions on hot topics in privacy, cybersecurity and technology as well as issues of diversity, equity and inclusion. She frequently presents at events and hosts webinars addressing key issues in privacy. She is also an Adjunct Professor at Chestnut Hill College on cybersecurity law.
Legal and Professional Associations
- DC Bar Association
- International Association of Privacy Professionals (IAPP)
- Blacks in Cybersecurity
- Women in Technology
Recognitions & Thought Leadership
- Young Privacy Professional, International Association of Privacy Professionals (IAPP), 2021-2022
- Adjunct Professor, Masters in Cybersecurity, Chestnut Hill College
Membership and Admission
- District of Columbia
- Temple University Beasley School of Law, J.D., 2018
- Universidad de Rey Juan Carlos, School of Law and Social Sciences, 2010-2012
- University of Salamanca, Spanish Language and Culture Certificate, 2008
- Saint Joseph’s University, B.A. with honors, Humanities and Philosophy Minor, 2007
- Montgomery County Community College, A.A. with honors, 2004
Experience and Expertise
- Creates tech-forward approaches to cybersecurity and data privacy compliance
- Evaluates data processing activities and business processes to develop technical and organizational measures for data privacy compliance
- Develops and implements domestic and global data privacy and security compliance programs
- Develops policies, procedures, and work instructions to address identified compliance risks in data processing activities and processes
- Creates breach response, breach notification, business continuity, and disaster recovery plans and advises clients on implementation during a breach
- Advises clients on risks associated with third-party products and services and assists with contract review and third-party vendor management
- Conducts domestic data privacy and security compliance assessments under applicable laws and frameworks (including CCPA and other state privacy laws)
- Performs international privacy compliance assessments to identifies compliance risks (including under the GDPR and PIPEDA)
- Performs audits, assessments, and gap analyses of a client’s existing contractual and technological infrastructure from a privacy perspective