Mark Paulding
Both a lawyer and engineer at heart, developed software for the U.S. Navy and writes code in C, C++, COBOL and Fortran
Understands IT and how computers support business networks and the applicable laws and the legal risk in this space
Develops safeguards and controls to protect clients most important data from cybersecurity threats while remaining compliant with US and foreign data security laws
Guides clients through the assembly and use of consumer data to help merchants build trustworthy relationships and customer interactions in compliance with FCRA and state data broker laws
He is an entrepreneur who co-founded a cybersecurity startup, yellowHAT Laboratories, developing solutions to protect trade secrets from malicious insiders and sophisticated cybercriminals.
FUN FACT!
Mark designs educational apps for fun. One simulates covalent and ionic bonding to help teach general chemistry, another is a racing game that teaches the laws of physics. He has yet to sell one despite the obvious mass market appeal.
Mark Paulding advises clients on data security, privacy, and consumer protection matters. His practice includes conducting privacy and security risk and compliance assessments; development of security programs, policies, and procedures; development of privacy policies and procedures; security incident investigation, response, and reporting; and development and implementation of web content accessibility policies and procedures.
Preparing privacy policies and terms of use for websites and mobile applications published by a wide variety of organizations.
Conducting privacy assessments for online and offline businesses, including performing data mapping analyses.
Drafting and counseling on data security policies, procedures, and guidelines.
Conducting cybersecurity risk assessments and compliance audits.
Drafting and negotiating agreements affecting privacy and security of sensitive personal information of consumers and/or employees.
Advise clients on compliance with the California Consumer Privacy Act of 2018 (CCPA) and Attorney General regulations implementing the CCPA.
Assisting clients with investigation of data breaches and, when appropriate, notification to government regulators and affected consumers.
Counseling clients regarding website accessibility and compliance with the Americans with Disabilities Act and Web Content Accessibility Guidelines.
Advising clients that process payment card transactions regarding compliance with PCI-DSS.
Counseling clients regarding compliance with the Fair Credit Reporting Act concerning collection and use of consumer information for fraud prevention, identity verification, and assessing creditworthiness.
Representing clients in data privacy and consumer protection investigations and enforcement actions by federal and state regulators.
Counseling clients regarding compliance with the Computer Fraud and Abuse Act and Wiretap Act, and similar state laws, concerning interception and analysis of information transmitted over private and public networks.
“Bad Actors Use AI Too- Security Measures Your Company Should Keep in Mind”, Lexology, July 2023
“Data Breaches Costs Millions- Have You Tested Your Data Protection Program”, Lexology, May 2021
“NY SHIELD Act and the Bevy of State Privacy Legislation to Come: Are You Prepared?”, Lexology, November 2020
“A Checklist for Key Current Private & Data Security Issues: Questions to Ask Now”, Lexology, April 2020
District of Columbia, 1999
Maryland, 1998 (inactive)
International Association of Privacy Professionals (IAPP)
Association of National Advertisers (ANA)
Princeton University, A.B. 1994
Harvard Law School, J.D. 1998