Francoise Gilbert - headshotOverview

Françoise Gilbert focuses her practice on U.S. and global data privacy and security in a wide variety of markets, including, among others, cloud computing, big data, connected devices, intelligent vehicles, artificial intelligence, robots and other emerging technologies. Her clients include public or multinational entities, cloud service providers, data analytics companies, connected device developers, publishers, Internet stores, insurance companies, manufacturers, service providers, trade associations, non-profit organizations, software developers, and others.

With more than 30 years of experience addressing cutting edge domestic and international computer, Internet and data protection issues, she brings a unique combination of practical business acumen, sharp legal skills, deep regulatory knowledge, and extensive experience of the information technology markets at the domestic and international levels. Covering the entire privacy and security spectrum, she counsels clients on complex issues related to evaluating and strategically managing privacy, security, and e-business risks. She assists in the design of product and services to help meet the company’s objectives within the constraints of compliance requirements; the development of internal programs to help drive a culture of privacy and data protection across entire organizations; product development strategies aimed at meeting the privacy-by-design and security-by-design principles; the development and implementation of information privacy and security strategies and compliance programs; and addressing privacy and security in mergers and acquisitions, and other corporate and commercial transactions.

A sought after speaker, Françoise Gilbert has been featured on numerous panels throughout the United States and internationally on privacy, security, cloud computing, connected objects, smart cities, robot law, risk management, outsourcing, information technology, and e-business law by industry groups, bar associations and trade associations.

In addition, Ms. Gilbert is the author of the leading two-volume treatise “Global Privacy and Security Law” which covers in depth the privacy and data protection laws of 68 countries on all continents. She has also written numerous chapters in collective works and has published hundreds of articles in peer-reviewed publications, professional journals and magazines on privacy, security, emerging technologies, compliance, cybercrime, outsourcing, workplace privacy, information law, data governance, Internet law, ecommerce, children protection, and comparative law.

Areas of Concentration

  • Information privacy and security, US and international
  • Big data, data analytics;
  • Interest based advertising
  • Internet of Things, connected objects, intellligent vehicles, smart cities;
  • Artificial intelligence;
  • Cloud computing; outsourcing;
  • Complex technology licensing

Professional and Community Involvement

  • Editorial Board Member, “The Practical Lawyer,” a publication of the American Law Institute-Continuing Legal Education Division
  • Past Board Member, International Technology Law Association; ALI CLE, Technology Board of Advisors; American Telemedicine Association; California E-Heath and Telemedicine Association; Chicago and Midwest French American Chamber of Commerce

Leadership and Bar Activities

  • Co-Chair, PLI Privacy & Security Law Institute, 2000-Present
  • Past Co-Chair, IAPP KnowldgeNet San Francisco / Silicon Valley, 2004-2012
  • Past Member of Executive Committee, Business Law Section of the California State Bar
  • Past Member, National Conference of Lawyers and Scientists (a joint venture of the ABA and IEEE)
  • Past Chair and Founder of Chicago Bar Association Computer Law Committee, YLS International Practice Committee, YLS Corporate Practice Committee, 1984-1997
  • Member, International Technology Law Association (ITechLaw), 1989-2016
  • Member, International Association of Privacy Professionals (IAPP), 2004-Present
  • Member, American Bar Association, 1983-Present, Business Law Section, Science & Technology Section and International Law Section
  • Member, California State Bar, 1998-Present
  • Member, Illinois State Bar Association, 1983-1998
  • Member, Chicago Bar Association, 1983-1998

Awards and Recognition

  • Listed, Who’s Who Legal: Thought Leaders, 2017
  • Honoree, The National Law Journal, “Trailblazer” Awards, Cyber Security & Data Privacy, 2015
  • Honoree, The Best Lawyers in America, “San Francisco Lawyer of the Year, Information Technology Law,” 2014
  • Listed, Chambers Global, Information Privacy and Security, 2009-Present
  • Listed, Chambers USA Guide, Information Privacy and Security, 2009-Present
  • Listed, The Best Lawyers in America, “Information Technology Law and Privacy and Data Security Law,” 2008-PresentListed, Who’s Who Legal: Technology, Media and Telecommunications, 2015
  • Listed, Who’s Who Legal: E-Commerce, Information Privacy and Security, 1999-2014
  • Listed, San Francisco’s Best Lawyers Magazine, “Privacy and Data Security Law,” 2008-Present
  • Listed, Ethisphere, “Attorneys Who Matter,” 2012-2013
  • Listed, Computerworld, “Best Privacy Advisers,” 2010

Other Experience

  • Founding Member and Lead Outside Counsel, Cloud Security Alliance, 2009-Present
  • Lecturer, San Jose State University, Graduate Program in Entrepreneurship, 2005-Present
  • Adjunct Assistant Professor, University of Illinois at Chicago, Graduate School of Health Information Science, 1992-2012

Articles, Publications & Lectures


  • Author and Editor, “Global Privacy and Security Law,” (2 volumes), Aspen / Wolters Kluwer Law and Business, 2009-Present
  • Author, Françoise Gilbert Blog
  • Co-Author, “IoT/Data Analytics, Wiley and Sons, 2017
  • Co-Author, “Privacy Compliance and Litigation in California,” CEB, 2009-Present
  • Co-Author, “HIPAA Security Standards,” ABA Publications, 2007
  • Co-Author, “Business Process Outsourcing Transactions,” Wiley, 2007
  • Co-Author, “Technology Outsourcing Transactions,” Wiley, 2005
  • Co-Author, “International Guide to Cyber Security,” ABA Publications, 2004
  • Co-Author, “International Guide to Privacy,” ABA Publications, 2003
  • Co-Author, “International Guide to Combating Cybercrime,” ABA Publications, 2002
  • Co-Author, “Comprehensive Guide to Electronic Health Records,” Faulkner & Gray, 2000
  • Co-Author, “Comprehensive Guide to Electronic Health Records,” Faulkner & Gray, 1999

Blog and Recent Articles

  • Author, “FTC Files Complaint against Manufacturer of IoT Devices for Deficient Security Measures,” GT Alert, January 12, 2017
  • Author, “Get Ready for the Long Arm of EU Privacy Regulation,” Law360, January 3, 2017
  • Co-Author, “China Enacts Cybersecurity Laws: What to Know if Doing Business Abroad,” Daily Journal, November 25, 2016
  • Author, “WP29: Thumbs Down to Draft EU-US Privacy Shield,” ALI CLE’s The Practical Lawyer, August 2, 2016
  • Author, “California Attorney General Launches Complaint Form to Report CalOPPA Violations”, GT Alert, October 19, 2016
  • Co-Author, “Article 29 Working Party Welcomes the Improved Privacy Shield but Plans a Thorough Review in One Year,” GT Alert, July 27, 2016
  • Co-Author, “Network and Information Security Directive Adopted by EU Parliament”, GT Alert, July 12, 2016
  • Co-Author, “EU-US Privacy Shield v.2.0, Signed, Sealed and Delivered”, BNA Privacy & Security Law Report, July 8, 2016
  • Co-Author, “First Enforcement Action Under New EU Data Privacy Regime,” Daily Journal, June 22, 2016
  • Co-Author, “EU Network and Information Security Directive Expected to Enter into Force in August 2016, Will your EU Operations by Affected?”, GT Alert, June 20, 2016
  • Author, “Purchasing Cloud Services Can Be Tricky,” Daily Journal, May 25, 2016
  • Author, “How Will the EU General Data Protection Regulation Impact US businesses?” FierceITSecurity, May 10, 2016
  • Author, “EU General Data Protection Regulation: What Impact for Businesses Established Outside the EU?”, GT Alert, April 19, 2016
  • Author, “WP29: Thumbs Down to Draft EU-US Privacy Shield,” GT Alert, April 14, 2016
  • Author, “Details of EU-US Privacy Shield Revealed – What does the Future of Trans-Atlantic Data Transfer Look Like”, GT Alert, March 3, 2016
  • Author, “Breaking News: Safe Harbor 2.0 Agreement Reached”, GT Alert, February 2, 2016
  • Author, “Invalidation of the Safe Harbor: Will It Cause the Adoption of Data Silos?” BNA Privacy & Security Law Report, October 26, 2015
  • Co-Author, “Upate:U.S.-EU Safe Harbor Invalidated by European Court of Justice,” GT Alerts, October 6, 2015

Media Coverage

  • Quoted, “Legal Tech Eyes Automation to Ease EU Data Compliance Challenges,” Legaltech News, December 9, 2016
  • Quoted, “GDPR,” SC Magazine e-book series, December 9, 2016
  • Quoted, “EU Approves GDPR, Regulating Data Privacy Within its Borders and Beyond,” Legaltech News, April 15, 2016
  • Quoted, “Data Transfer Rules Shake Up Privacy Law,” Daily Journal, December 30, 2015
  • Featured Interview, “Francoise Gilbert Navigates The Tempest Over US-EU Safe Harbor,” Web Master Radio, October 25, 2015
  • Quoted, “Law Tightens Police Cellphone Searches,” Daily Journal, October 12, 2015
  • Quoted, “Governor Signs Privacy Bill, Law Enforcement Scrambles to Adjust, Daily Journal, October 12, 2015
  • Quoted, “EU Ruling Means More Paperwork for Tech Firms,” The Information, October 8, 2015
  • Quoted, “Dubai: Safe Harbor Ruling Results in ‘Domino Effect,'” Data Guidance, May 11, 2015


  • J.D., Loyola University Chicago School of Law
  • Maitrise en Droit, University of Paris, Faculté de Droit Paris IX (France)
  • CAPES Mathématiques, University of Paris (France)
  • B.Sc. and M.Sc., University of Montpellier II (France)

Admitted to Practice

  • California
  • Illinois
  • France

Professional Certifications

  • Certified Information Privacy Professional (CIPP/US), International Association of Privacy Professionals
  • Certified Information Privacy Professional, (CIPP/EU), International Association of Privacy Professionals
  • Certified Information Privacy Manager (CIPM), International Association of Privacy Professionals


  • French, Native
  • German, Conversational
  • Italian, Conversational
  • Spanish, Conversational