Francoise Gilbert

Francoise Gilbert - headshot

Follow me on Twitter

J.D., Loyola U. of Chicago (USA)

Maitrise en Droit, Paris (France) – law degree-

M.Sc. and CAPES Mathématiques, Paris (France)

Admitted to practice law in California, Illinois, and France





Françoise Gilbert concentrates in US and global data privacy and security issues, cloud computing, and information law. Covering the entire privacy and security spectrum, her clients include public or multinational entities, cloud service providers, B2C businesses, B2B businesses, analytics companies, publishers, Internet stores, insurance companies, manufacturers, service providers, trade associations, software developers, and others. She counsels clients on complex issues related to evaluating and strategically managing privacy, security, cloud computing and e-business risks. She assists clients in driving a culture of privacy across their organization, developing and implementing information privacy and security strategies and compliance programs, and integrating privacy and security in commercial or corporate transactions.


An internationally recognized thought leader and expert in privacy and data protection law, Francoise has been named Best Lawyers’ “2014 San Francisco Lawyer of the Year for Information Technology Law.” For several years, the prestigious Chambers USA and Chambers Global, The Best Lawyers in America, and the Who’s Who in E-Commerce have recognized her as one of the leading lawyers in the field of information privacy and security. She was listed as one of the top privacy advisers in the recent Computerworld “Best Privacy Advisers” list, and for several consecutive years as been selected by Ethisphere for its list of the “Attorneys Who Matter.”


With over 30 years of experience as a practicing attorney addressing cutting edge domestic and international computer, Internet and data protection issues, Françoise brings a unique combination of sharp legal skills, deep regulatory knowledge, practical business acumen and extensive experience of the information technology markets.

She is highly experienced in addressing a wide range of US and foreign privacy and security issues, such as counseling on HIPAA/HITECH Act, GLBA, COPPA, FCRA/FACTA, or CAN SPAM compliance, online and offline data law, behavioral advertising, tracking, content personalization, retargeting, use of data for modeling, analytics and diagnostics, security incident response planning and disclosures, implementation of FTC and State Attorney General guidance. She develops comprehensive privacy compliance programs, consumer privacy policies and best practices, and training programs regarding the appropriate collection, use and disclosure of personal data. She conducts all phases of privacy assessments and information security policy audits, and assists clients in responding to investigations by state and federal regulators.

For multination companies, she leads the design and implementation of global privacy programs, advises on compliance with foreign data protection laws (Western Europe, North America, or Asia Pacific) and cross border data flow issues, negotiates and implements data transfer agreements and data transfer structures, conducts Safe Harbor audits, develops and maintains documentation and procedures to support continuing compliance with EU-US Safe Harbor principles, assists in Safe Harbor self-certification and re-certification.

In addition, she assists clients’ corporate or commercial teams in incorporating data protection in their operations and transactions. She regularly works on data protection issues in major corporate and commercial transactions such as mergers & acquisitions, cloud computing, outsourcing, and offshoring. She structures and negotiates a wide variety of contracts concerning data uses, privacy and security, cloud computing, or transactions associated with databases, data processing or data management, including strategic alliances and joint ventures, and other complex contracts.


A prolific speaker, Françoise Gilbert has been featured on numerous panels throughout the United States and internationally on privacy, security, cloud computing, risk management, outsourcing, information technology, and e-business law by industry groups, bar associations and trade associations. She has taught technology and data protection law in the Graduate School of Health Information Science at the University of Illinois, Chicago Campus from 1992 to 2012, and is a frequent guest speaker at the John Marshall Law School in Chicago (Illinois) and at the Silicon Valley Center for Entrepreneurship at San Jose State University (California).

Françoise is often asked to comment on privacy, security or cloud computing issues in national and international press, including the New York Times (USA), le Matin Dimanche (Switzerland), RTTV (Russia), ComputerWorld (USA), MarketPlace (USA), PC World (USA), (USA), or TechTarget (USA).


Françoise is the author and editor of Global Privacy and Security Law published by Aspen / Wolters Kluwer, a two-volume, 3,500 page, law treatise, which provides a detailed analysis of the major drivers that dictate or influence data protection laws worldwide, and contains a thorough analysis of the privacy and data protection laws of 68 countries on all continents. The treatise, initially published in 2009, is updated three times a year.

She is also a co-author of: Privacy Compliance and Litigation in California (2009-2014 – CEB); HIPAA Security Standards (2007 – ABA Publications); Business Process Outsourcing Transactions (2007- Wiley); Technology Outsourcing Transactions (2005 – Wiley); International Guide to Cyber Security (2004 – ABA Publications); International Guide to Privacy (2003 – ABA Publications); International Guide to Combating Cybercrime (2002 – ABA Publications); Comprehensive Guide to Electronic Health Records (2000 – Faulkner & Gray); Comprehensive Guide to Electronic Health Records (1999 – Faulkner & Gray).

In addition, Ms. Gilbert has published hundreds of articles in peer-reviewed publications, professional journals and magazines on privacy, security, cloud computing, computer crime, outsourcing, workplace privacy, information law, data governance, Internet law, ecommerce, children protection, and comparative law. She is a contributing expert to TechTarget’s, focusing on information privacy and security, cloud computing and data governance.


Françoise is a member of the Editorial Board of The Practical Lawyer, a publication of the American Law Institute – Continuing Legal Education Group and she serves on the Technology Board of Advisors of ALI CLE. She has served on the Board of Directors of the International Technology Law Association, the American Telemedicine Association, the California E-Heath and Telemedicine Association, and other non-profit entities, and on the Board of Advisors of several Silicon Valley emerging technology start-ups. She is a past member of the National Conference of Lawyers and Scientists and of the Executive Committee of the Business Law Section of the California Bar.


Ms. Gilbert is a founding member of the Cloud Security Alliance, its General Counsel, and the chair of its Legal Committee. She has co-chaired the PLI Privacy & Security Law Institute since 2000 and has held numerous leadership positions at the American Bar Association, the California State Bar, the Chicago Bar Association and the International Association of Privacy Professionals including, most recently, the American Bar Association Science & Technology Section ePrivacy Committee and the IAPP KnowledgeNet San Francisco.


Trained in the civil law and the common law systems, Françoise Gilbert is admitted to practice in California and Illinois as well as in France. Before acquiring her JD in Chicago (Illinois), she obtained a French law degree in Paris (France). Early training includes undergraduate and graduate degrees in mathematics, engineering and education from the Universities of Paris and Montpellier (France). Françoise Gilbert is accredited as a Certified Information Privacy Manager and a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals.


Françoise Gilbert is bilingual in French and English. She has a working knowledge of Spanish, Italian and German.


Françoise Gilbert is the founder and Managing Director of the IT Law Group.