Michelle A. Reed

Partner

Areas of Focus

Michelle A. Reed

Partner

mreed@akingump.com

Areas of Focus

Save as PDF

Share This Biography

Biography
  • Co-head of the firm’s cybersecurity, privacy and data protection practice.
  • Two decades of experience advising on privacy and cybersecurity regulation, enforcement, and class action litigation.
  • Practice focuses on complex civil litigation, with an emphasis on securities and consumer class actions, as well as internal investigations.

Michelle has two decades of experience advising companies, boards, and executives on navigating the evolving risks in privacy and cybersecurity regulation, enforcement, and class action litigation. She assists clients in conducting comprehensive privacy and security risk assessments, and develops policies and procedures to mitigate and remediate privacy and cybersecurity threats. Michelle is especially adept at working across business units in finding practical, compliant solutions for clients.

As a Certified Information Privacy Professional (CIPP/US, International Association of Privacy Professionals), Michelle counsels corporations in data breach investigations and notifications, Securities and Exchange Commission (SEC) cybersecurity compliance and regulatory issues, privacy and data protection compliance, and cloud computing advice.

Michelle also represents clients in a variety of complex civil litigation matters, including securities class actions, derivative suits and consumer class actions.

Representative Work

Data Privacy Engagements

  • Advising a multinational Fortune 500 company on the development, communication, and operationalization of privacy program and governance structure in the U.S., Canada, and international data protection across 18 jurisdictions, including creation of privacy principles, policies, notice, cross-border data strategy, data lifecycle management, individual rights management, Privacy by Design, third-party risk management, and training.
  • Developing COVID-19 privacy risk framework, including privacy considerations regarding temperature and symptom checks for employees, vendors, and customers and serological testing of employees and evaluating retention and sharing requirements in the U.S., Europe, Middle East, and Asia.
  • Developing extensive privacy risk assessment framework for one of the largest broadband communications and video services providers in the U.S., evaluating privacy risk for delivery of content to approximately 4.9 million customers across 21 states.
  • Advising private equity and other investment funds in the U.S., Europe, and Asia on implementing and operationalizing the CCPA, NY Department of Financial Services Cybersecurity Regulation, GDPR, SEC rules, and evolving state and federal privacy regulations.
  • Advising mortgage servicer and lender on privacy and cybersecurity compliance, developing compliance program to ensure compliance with the Gramm Leach Bliley Act, CCPA, and other laws.

Cybersecurity Engagements

  • Represented an online retailer in a data breach affecting 50 states and 16 countries; assisting with the identification of the nature and scope of the intrusion; working with the information technology team and experts to restore normal system operation; providing customer notification and call center management, states’ regulatory negotiations, discussions with PCI-DSS council and payment card issuers, and public relations communications.
  • Advised top-ten U.S. city in ransomware incident impacting city employees and residents, advising on legal obligations, notifications, regulatory discussions, and strategic communications.
  • Advising a multistate hospital system in a data breach by a third-party vendor affecting nearly four million patients nationwide; counseling on notification obligations to patients and regulators and multidistrict litigation.
  • Represented an online retailer in responding to an aggressive attack by the Magecart threat actor, guiding the company through its investigation, retaining forensic experts and resolving the breach with minimal exposure to the company.
  • Counseling a retailer with more than half a billion dollars in annual sales in all phases of an unauthorized intrusion into its network, interfacing with the Federal Bureau of Investigation (FBI) and Identifying internal control improvements.

Class Action and Derivative Litigation Engagements

  • Represented a 14-hospital health system that included clinics, home health services and doctors serving Indiana and Illinois, advising them on data breach response, data breach litigation, and state attorney general enforcement.
  • Represented a communications and media company in consolidated putative class actions alleging claims for negligence, negligence per se, breach of implied contract, violation of the New York Labor Law and violation of the Cable Communications Act arising from a data security incident involving the personal data of current and former employees.
  • Defended client in consolidated putative class actions arising from data breach involving the alleged exposure of personally identifiable information and asserting common law tort claims, as well as New York and California statutory claims, including claims under the California Consumer Privacy Act (CCPA), and obtained a full dismissal at the district court level of all claims.
  • Advised client in putative class action arising from a data breach at a third-party service provider involving alleged claims for negligence, negligence per se, breach of confidence, breach of implied contract, breach of fiduciary duty, and violation of the state consumer protection act.
  • Represented a guardrail manufacturer in two consumer class actions in the Western District of Wisconsin and Southern District of Illinois alleging fraud, breach of warranty and contract unjust enrichment, and violations of the Deceptive Trade Practices Act.
  • Obtained a favorable settlement within insurance limits in a derivative suit against directors of a publicly traded energy company alleging claims of breach of fiduciary duty and unjust enrichment.
  • Secured a complete dismissal of fiduciary duty claims alleged against directors of a publicly traded company in federal court in Texas.

"Michelle is exceptionally thorough and a passionate advocate."
Chambers USA, 2022

Education
  • J.D., Brigham Young University, J. Reuben Clark Law School, summa cum laude, 2003

  • B.A., Brigham Young University, with honors, 1999

Bar Admissions
  • Texas

Recognitions
  • Chambers USA, leading practitioner in Privacy & Data Security–USA–Nationwide, 2023; described as “incredibly responsive and super knowledgeable.”
  • Chambers USA, leading practitioner in Litigation: Securities–Texas, 2021- 2023; described as “exceptionally thorough and a passionate advocate.”
  • D Magazine, Best Lawyers in Dallas (Business/Commercial Litigation), 2022.
  • The Legal 500 US, Securities litigation: Defense, 2023.
  • The Best Lawyers in America, Litigation - Securities, 2023.
  • The American Lawyer, Best Mentor finalist, 2021.
  • Cybersecurity Docket, Incident Response, 2021-2023.
  • Texas Lawyer, Attorney of the Year finalist, 2020.
  • Texas Lawyer, Texas Trailblazer, 2019.
  • The Legal 500 US, Cyber Law, 2017 to 2022.
  • National Diversity Counsel – Top 50 Women Lawyers in Dallas, 2017
  • Recipient of the Frank Scurlock Award for Outstanding Pro Bono Service, State Bar of Texas.
Affiliations and Public Service
  • Co-Chair, Class Actions and Derivative Suits and Securities Litigation, Litigation Section, American Bar Association.
  • Member, Bar Association of the 5th Federal Circuit.
  • Member, Standing Committee on Legal Services to the Poor in Civil Matters, State Bar of Texas.
  • Member, Texas Bar Association Pro Bono College.
  • Member, J. Reuben Clark Law Society.
  • Co-Founder, Domestic Violence Project, Austin Young Lawyers Association; awarded best statewide public service project by the Texas Bar Association.
  • Member and Volunteer, Women’s Advocacy Project, a statewide nonprofit that promotes access to justice for Texas women and children who are victims of domestic violence and child abuse
  • Alumnus, Texas State Bar Association Leadership Conference.
  • Panel Counsel, Directors and Officers Securities Claims and Investigation EdgeSM Panels of the American International Group. (AIG)
  • Member, Leadership Dallas Class of 2019.
Speeches and Publications
  • Class Action for Breach of Data Protection,” ICLG.com Global Class Actions Symposium, November 16, 2021.
  • “A Day in the Life of Incident and Data Breach: How to Help Ensure Global Compliance,” Association of Corporate Counsel Houston Chapter, August 19, 2021.
  • “First Enforcement Action by NY Department of Financial Services Under Cybersecurity Regulation,” Akin Gump Webinar, October 8, 2020.
  • “Defensible Data Retention: The Holy Grail of Mitigating Data Privacy Risks,” Association of Corporate Counsel, September 16, 2020.
  • “How Do You Put A System Of Controls In Place When Your Target Keeps Moving?,” Cybersecurity and Data Privacy Law Conference, The Center for American and International Law, Plano, TX, September 10, 2020.
  • “The Evolving Cybersecurity Regulatory Framework: What Startups Need to Know,” Dallas Startup Week, Dallas, TX, September 2, 2020.
  • “Privacy and Data Security Forum: 2019 Year in Review and Preparing for 2020,” Association of Corporate Counsel National Capital Region, Washington, D.C., February 13, 2020.
  • “Tactics to Combat Privacy Enforcement Actions,” Association of Corporate Counsel Dallas-Fort Worth, Dallas, TX, February 11, 2020.
  • “The Changing Face of Privacy Laws,” Annual New York Private Investment Funds Conference, New York, September 26, 2019.
  • “The Biometric Information Privacy Act (BIPA): The Recent Explosion of Lawsuits in Illinois and How Businesses Can Reduce Legal Risk,” TecNation Chicago (Illinois Chamber of Commerce), August 15, 2019.
  • “Preparing for the Unknown Privacy and Cybersecurity Regulation,” HFM Billion Dollar Club North American COO Summit, June 2019.
  • “Increase in Litigation Expected Under the Illinois Biometric Information Privacy Act Following Illinois Supreme Court Ruling,” Akin Gump Webinar, February 2019
  • “Incident Response and Crisis Management” and “State & International Compliance Overview,” Akin Gump’s Cybersecurity Bootcamp, New York, December 5, 2018
  • “Trends in Consumer Class Actions,” Akin Gump CLE Series, Dallas, October 2018.
  • “Value-Based Branding: Why Building Relationships Trumps Selling,” National Association of Women Lawyers Conference, Dallas, May 3, 2018.
  • Moderator, Akin Gump’s Spring Cybersecurity Boot Camp, Dallas, March 2, 2018.
  • “The Attorney-Client Privilege Survival Guide,” Akin Gump In-House Counsel Series, Dallas, January 24, 2018.
  • Cybersecurity,” SEC Hot Topics Institute, Dallas, September 14, 2017.
  • “Data Privacy and Cybersecurity – What CRAs Need to Know,” AccioData Conference, Austin, February 21, 2017.
  • “The Practical Approaches to Data Privacy & Cyber Security,” Apollo Portfolio Company Conference, Las Vegas, October 17, 2017.
  • “Trends in Consumer Class Actions: How to Avoid Becoming a Target,” Akin Gump In-House CLE Series, (Location, October 2016).
  • “Advanced Healthcare Security Strategy: Preventing and Responding to Data Breaches,” co-hosted by Akin Gump and Tatum, May 18, 2016.
  • Program Co-Chair, “EU General Data Protection Regulation: Overview of key changes and a discussion of needed preparations,” co-hosted by Akin Gump and CompTIA, April 4, 2016.
  • Panelist, “Cybersecurity Preparedness for 2016: Board Oversight & Best Practices,” hosted by The Society of Corporate Secretaries – Texas Chapter, Dallas, March 2, 2016.
  • Panelist, “Lawyers Leading the Race to Cybersecurity: How to Help Your Leadership Defend Attacks in 2016,” ACC South Central, Location, February 3, 2016.
  • Panelist, “EB-5 & Data Security – Risk Management and Insurance Considerations,” Invest in the USA, Webinar, January 7, 2016.
  • Panelist, “Investment Management Spotlight – The Ever-Changing Landscape,” hosted by Deloitte and the Managed Funds Association, December 3, 2015.
  • Panelist, “Map the Privacy Frontier,” Bloomberg BNA Privacy & Data Security Breakfast Panel Discussion, September 16, 2015.
  • Panelist, “Cybersecurity – What Fund Managers and Investors Need to Know,” Akin Gump Dallas Quarterly Roundtable, Dallas, September 10, 2015.
  • “Cybersecurity Risk Management, Due Diligence and Breach Response,” Akin Gump’s Seminar on The Cybersecurity Pandemic, Dallas, April 28, 2015; Houston, April 29, 2015.
  • Panelist, “Cybersecurity: Risks and Best Practices for Medical Device Makers,” MDMA Webcast, March 25, 2015.
  • Panelist, “Cybersecurity Risk Management and Due Diligence,” Akin Gump’s Seminar on The Cybersecurity Pandemic, November 5, 2014.
  • Panelist, “Fraud-on-the-Market Theory: Significant Issues and Updates for 2014 and Beyond,” The Knowledge Congress Live Webcast, August 7, 2014.

Insights and Achievements

    Publications | Newsletters

    February 22, 2024

    Read More

          Publications | Newsletters

          February 22, 2024

          Read More

              Related Content

              People

              Distinguished by our areas of focus, as a cohesive and integrated firm, we are defined by the caliber of our work, the responsiveness of our service and a culture that is rooted in collaboration and forward-thinking.

              We Also Recommend

              Loading...
              Loading...
              Loading...
              Loading...