Jake Bernstein
Jake Bernstein is a partner at the firm’s Seattle office. He is a member of the Technology Transactions and Sourcing and Data Protection, Privacy, and Security practice groups. Jake is also a Certified Information Systems Security Professional licensed by (ISC)2. He can be heard discussing cybersecurity and privacy issues as the co-host of the popular Cyber Risk Management Podcast.
In addition to his Data Protection, Privacy, and Security work, Jake also leverages his background as an Assistant Attorney General in the Consumer Protection Division of the Washington State Office of the Attorney General to counsel clients on a host of regulatory matters, especially involving technology and the Internet.
Jake began his career at the Washington State Office of the Attorney General, where he served for nearly eight years in the Consumer Protection Division. As an Assistant Attorney General, Jake regulated businesses subject to Washington’s Consumer Protection Act, focusing on internet advertising and marketing, “high tech” scams and consumer fraud, and cybersecurity and privacy. Jake served as lead counsel on dozens of investigations and regulatory enforcement actions, ranging from small businesses engaged in single-website deceptive practices to nationwide multi-state investigations of major industries.
Upon entering private practice, Jake focused his efforts on representing clients in litigation relating to the same or similar topics, including TCPA, CAN-SPAM and California Anti-Spam Law cases, false advertising cases, and multiple Consumer Protection Act disputes. One of Jake’s clients grew its online advertising and marketing business from approximately US$5 million in annual revenue to over US$200 million in annual revenue over the course of five years without any regulatory inquiries or incidents. Jake routinely advises clients on compliance with state and federal consumer protection laws, and draws upon his experience as a regulator to provide a unique perspective on these topics. With a particular interest in “dark patterns,” Jake continues to help clients understand exactly what “clear and conspicuous disclosure” requires and how to apply the concept to the online world.
Prior to joining the firm, Jake served as an attorney at two internet, media, and technology law firms in Seattle. Through these roles Jake ultimately focused his practice on cybersecurity and privacy, and provided incident response counseling and coaching, and proactively counseled clients on a wide range of cybersecurity issues including cybersecurity risk management, security architecture, vendor risk management, application security, and more. Additionally, Jake has advised rapidly-growing, technology-focused companies. He has experience in advising executives, sales managers, and engineers on regulatory compliance under a host of state, federal, and international laws including the California Consumer Privacy Act (CCPA), federal Gramm-Leach-Bliley Act (GLBA), NY SHIELD Act, and the European Union’s General Data Protection Regulation (GDPR). In his spare time, Jake enjoys reading the numerous state privacy and security bills released on a regular basis by enthusiastic legislatures. He remains cautiously optimistic that Congress will soon pass a federal law, even if it means the loss of this hobby.