The Legal 500

Twitter Logo Youtube Circle Icon LinkedIn Icon

Hunton Andrews Kurth LLP

Work +212 309 1000
Fax +212 309 1100

Lisa J. Sotto

Work (212) 209-1223
Hunton Andrews Kurth LLP

Work Department

Corporate: Global Technology, Outsourcing & Privacy


Lisa chairs Hunton & Williams LLP's top-ranked global privacy and cybersecurity practice, is the managing partner of the firm’s New York office, and is a member of the firm's Executive Committee.


Lisa Sotto has received widespread recognition for her work in the areas of privacy and cybersecurity. Clients consider her work “outstanding,” and she has been called a "phenomenal lawyer" and hailed as the “queen of privacy.” Lisa was named among The National Law Journal’s “100 Most Influential Lawyers,” an honor bestowed on practicing attorneys who are making the biggest impact in the legal world.

Lisa assists clients in identifying, evaluating and managing risks associated with privacy and data security practices. She advises clients on GLB, HIPAA, COPPA, CAN-SPAM, FCRA, VPPA, security breach notification laws, and other U.S. state and federal privacy and data security requirements and global data protection laws (including those in the EU, Asia and Latin America). She provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness. Through our firm’s privacy and security in M&A transactions team, Lisa also guides clients on risks and potential liabilities associated with inadequate privacy and data security practices in high-stakes corporate transactions. She conducts all phases of online and offline privacy assessments and information security policy audits. She also develops corporate records management programs, including policies, records retention schedules and training modules.

Lisa has been rated the “No. 1 privacy professional” in all surveys by Computerworld magazine. She is recognized by Chambers and Partners as a “Star” performer (the highest honor) for privacy and data security—the only lawyer in the United States to receive this distinguished ranking. Lisa also is recognized as a leading lawyer for cyber crime, data protection and privacy by The Legal 500 United States, who also listed her in their Hall of Fame. In addition, Hunton & Williams’ privacy and cybersecurity practice has received the topmost national rankings in privacy and data security from The Legal 500.

Lisa chairs the US Department of Homeland Security's Data Privacy and Integrity Advisory Committee. She speaks frequently at conferences, testifies regularly before the US Congress and other legislative and regulatory agencies; is the author of numerous treatises and articles; has been tapped to lead several industry committees and organizations; is sought after by media outlets and industry publications for her professional insights; and appears regularly on national television and radio news programs. She is the editor and lead author of the Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business.


  • Chair, US Department of Homeland Security’s Data Privacy and Integrity Advisory Committee, 2012-present; appointed to Committee by Secretaries Johnson, Napolitano, Chertoff and Ridge; Chair, Policy Subcommittee, 2010-2012; Committee Vice Chair, 2005-2009; Member, Cybersecurity Subcommittee, 2013-present (requiring Top Secret security clearance)
  • Co-chair, International Privacy Law Committee, New York State Bar Association, 2007-present
  • Chair, New York Privacy Officers Forum, 2007-present
  • Lead Advisor, Data Guidance US Panel of Experts, 2008-present
  • Member, Law and Ethics Advisory Board, SAI Global, 2005-present
  • Member, American Law Institute
  • Fellow, American Bar Foundation
  • Member, Board of Directors, International Association of Privacy Professionals, 2010-2015
  • Past Member, Board of Directors, Identity Theft Resource Center, 2010–2012


  • JD, University of Pennsylvania Law School, Law Review, 1987
  • BA, History, Cornell University, distinction in all subjects, 1984

United States: Media, technology and telecoms

Cyber law (including data privacy and data protection)

Within: Leading lawyers

Lisa Sotto - Hunton Andrews Kurth LLP

Within: Cyber law (including data privacy and data protection)

Clients praise Hunton Andrews Kurth LLP as ‘the only firm to use for data privacy matters’ with ‘consistently reliable advice and unmatched service levels across the board’. Department head Lisa Sottoalways delivers premium results’; she acted for Yahoo! on all the elements of its response to a cybersecurity attack compromising 3 billion user accounts, and also counts Mastercard, Google and JPMorgan Chase as clients. Aaron Simpson, who divides his time between London and New York, is ‘always responsive and thorough’; senior associate Brittany Bacon is ‘a rising star in the cybersecurity world’; and Paul Tiao and Phyllis Marcus are the key names in the Washington DC office. The department is highly regarded for its cybersecurity expertise, including data breach response and cyber attack prevention and preparation; other areas of expertise include cyber extortion, regulatory and compliance work, international data transfers and the cyber risks associated with blockchain technology.

[back to top]

Back to index

Legal Developments worldwide

Legal Developments and updates from the leading lawyers in each jurisdiction. To contribute, send an email request to