Eva Novick
About Eva
Eva Novick is a Certified Information Privacy Professional (CIPP/US, CIPP/E, CIPM) and leads the firm’s privacy & data security team. Eva advises clients, both business and individual, on complying with U.S. and international data privacy laws, and remediating and responding to data security incidents. Eva has extensive knowledge and experience in matters of privacy and data security, including enforcing consumer protection laws against particular industries. She works closely with clients on compliance with state and federal privacy laws, including the California Consumer Privacy Act, as amended (CCPA/CPRA), and international laws, including the General Data Protection Regulation (GDPR).
Prior to private practice, Eva dedicated nearly two decades of her career to the Oregon Department of Justice (DOJ). During this time, she was able to gain a substantial amount of skill and expertise regarding matters of privacy, data security, and consumer protection. During her time with the Oregon DOJ, Eva led settlement negotiations in Oregon-specific and multistate actions and resolved over 400 investigations, which resulted in distributing over $1 billion in restitution.
Representative Experience
-
Privacy and Data Security Plus
-
Drafted and updated clients’ website privacy notices and terms of use to ensure compliance with relevant privacy and data protection laws.
-
Drafted and negotiated data processing addenda in vendor agreements, such as SaaS agreements, to comply with U.S. laws and international data transfer requirements.
-
Analyzed privacy and security risks in M&A transactions to protect purchaser and negotiate appropriate contractual terms and purchase price.
-
Assisted clients in determining whether a security incident is a reportable data breach and, if so, provided required notification to regulatory agencies and affected consumers.
-
Assisted clients in a broad range of industries—from education to financial services to health care--analyze applicability of privacy laws and design compliance framework.
-
Drafted disclosures for new initiatives, including for text message marketing campaigns and for the use of novel technologies that capture customer data or employee data.
-
Drafted and updated internal policies and procedures to assist clients with implementing a privacy program.
-
Advised clients, negotiated settlements in disputes, defended clients in litigation, and initiated litigation to zealously represent clients’ interests in various privacy-related matters, such as business email compromise, wire transfer fraud, and website tracking pixels.
-
Activities
- Certified Information Privacy Manager (CIPM), 2022
- Certified Information Privacy Professional (CIPP/E), 2022
- Certified Information Privacy Professional (CIPP/US), 2020
- Oregon State Bar, Technology Law Section, Treasurer
- Oregon Women Lawyers, Member
- International Association of Privacy Professionals (IAPP)
- Fellow of Information Privacy, 2024-present
- Portland KnowledgeNet Chapter Chair, 2023-present
Insights from Eva
- “Cybersecurity Transparency Under Fire: Tech Firms Pay Big for Downplaying SolarWinds Breaches,” Miller Nash, Bank Law Monitor (Nov. 2024)
- “The State of State Privacy Laws: What Businesses Need to Know (2024 Edition), California Supplement,” Miller Nash, IP & Technology Law Trends (Oct. 2024)
- “The State of State Privacy Laws: What Businesses Need to Know (2024 Edition),” Miller Nash, IP & Technology Law Trends (Sept. 2024)
- “Oregon—SMS/MMS Marketing,” OneTrust, Guidance Note (Sept. 2024)
- “Oregon—Emarketing,” OneTrust, Guidance Note (Sept. 2024)
- “Oregon—Telemarketing,” OneTrust, Guidance Note (Sept. 2024)
- “From Fingerprints to Facial Recognition: Employer Responsibilities for Biometric Data Management,” Miller Nash, Employment Law in Motion (Aug. 2024)
- “Back-to-School Compliance Checklist: Key Privacy & Data Security Considerations for Oregon K-12 Administrators” Miller Nash (Aug. 2024)
- “Oregon—Cookies & Similar Technologies,” OneTrust, Guidance Note (July 2024)
- “Compliance Check-In: Is Your Business Compliant with the New Oregon Consumer Privacy Act?” Oregon Restaurant & Lodging Association Magazine (Summer 2024)
- “Countdown to Compliance: Preparing for the Oregon Consumer Privacy Act (OCPA),” Miller Nash, IP & Technology Law Trends (Apr. 2024)
- “Client Alert: Watch Out for Deepfakes,” Miller Nash, IP & Technology Law Trends (Feb. 2024)
- “Data Privacy Week Series: Check Your Third-Party Agreements Against Internal Policies,” Miller Nash, IP & Technology Law Trends (Jan. 2024)
- “Data Privacy Week Series: Review Password Hygiene,” Miller Nash, IP & Technology Law Trends (Jan. 2024)
- “Data Privacy Week Series: Thank Your Cybersecurity Team,” Miller Nash, IP & Technology Law Trends (Jan. 2024)
- “Data Privacy Week Series: Review Your Website,” Miller Nash, IP & Technology Law Trends (Jan. 2024)
- “Data Privacy Week Series: Check Your Policies and Procedures Against Legal Updates,” Miller Nash, IP & Technology Law Trends (Jan. 2024)
- “The State of State Privacy Laws: What Businesses Need to Know,” Miller Nash, IP & Technology Law Trends (Sep. 2023)
- “Companies Face a New Wave of Class Action Privacy Litigation,” Miller Nash, IP & Technology Law Trends (Aug. 2023)
- “Oregon Joins the Comprehensive State Privacy Law Elite 11,” Miller Nash, IP & Technology Law Trends (July 2023)
- “The FTC Is INFORMing Businesses That It Plans to Enforce This E-commerce Act,” Miller Nash, IP & Technology Law Trends (June 2023)
- “This Is Not a Test: The Significant Impacts of the Ireland Data Protection Commission’s Meta Decision,” Miller Nash, IP & Technology Law Trends (June 2023)
- “My Health My Data: Washington’s Limited but Comprehensive Privacy Law,” Miller Nash, IP & Technology Law Trends (May 2023)
- “The Oregon Consumer Privacy Act (OCPA): Understanding Privacy in the Nonprofit Sector,” Oregon State Bar, Nonprofit Organizations Law Section, Advising Oregon Nonprofits in 2024—Privacy, AI, Ethics, and More (Dec. 2024)
- “Containing the Flames: Safeguarding Data Privacy in an Era of AI,” Miller Nash, Employment Law Seminar (Nov. 2024)
- “Data Privacy, Data Governance, Internet Use, and AI—Top Tech Trends to Watch,” National School Boards Association, Council of School Attorneys Fall School Law Seminar (Oct. 2024)
- “AI & Risk Management,” Technology Association of Oregon, PNW Cyber Summit (Oct. 2024)
- “Introduction: What is AI and How AI Works,” Pincus Professional Education, AI and the Practice of Law CLE (Oct. 2024)
- “What You Don’t Know You Don’t Know: Privacy and Data Protection Edition,” Rivermark Credit Union Board (June 2024)
- “Privacy 101: Navigating the Digital Frontier,” Miller Nash (June 2024)
- “Wait. What?! Oregon Now Has a Comprehensive Consumer Privacy Law?,” Multnomah Bar Association (Feb. 2024)
- “The Oregon Consumer Privacy Act: Looking Forward in 2024,” Lewis and Clark Law School Data Privacy Symposium 2024 (Feb. 2024)
- “A Legal Intro to Privacy and Data Protection Law,” Idaho Business and Corporate Law Section (Feb. 2024)
- “The Road to 50 States: Delaware and Oregon Join the US Privacy Landscape,” OneTrust DataGuidance (Aug. 2023)
- “Cyber Security: Are You Secure? Three Tools to Protect Your Business,” Washington Hospitality Association (Mar. 2023)
- “Privacy and Data in the West: Implementation and Risks of Non-Compliance of Privacy and Data Protection Law in the US, UK, and EU,” Oregon State Bar CLE (Mar. 2023)
- “Privacy and Data Protection Law: Things Every Lawyer Should Know,” Multnomah Bar Association CLE (June 2023)
- “Hot Topics in Privacy and Cybersecurity Law,” Executive Vendor Summit (Mar. 2022)
- “Privacy 101,” Foster Garvey PC (Mar. 2022)
- “Social Media Privacy Status: It’s Complicated,” Oregon State Bar CLE, Emerging Technologies – Charting the Future Course of the Law (Oct. 2018)
- “Oregon’s Data Breach and Data Security Laws,” Oregon Department of Justice CLE (May 2018)
- “Data Breaches, Data Security and Privacy: Legal Compliance in Oregon,” Marquam IT (MTX) (Sept. 2018)
Outside the Office
Although a huge fan of North Carolina summers, Eva spends most of the year huddled under a waterproof blanket to cheer at girls' soccer games. She also enjoys reading novels and traveling.