Susan Hintze

Practice Areas

Susan Hintze has provided legal counsel to tech and e-commerce clients for over 25 years - 20 years of which have been focused exclusively in the area of privacy and security. She focuses on regulatory compliance, legislative policy, and defends companies against federal, state, and city enforcement actions. She advises on a wide range of U.S. and global privacy and data security issues and in the areas of online safety, disinformation investigations, and AI ethics. Representative areas include CCPA, CPRA, and the growing number of omnibus state privacy laws, FERPA, the FTC Act, COPPA, My Health My Data Act, TCPA, TSR, HI-TECH, GLBA, FCRA, CFAA, ECPA, GDPR, Video Privacy Protection Act, SMS and telemarketing laws, data security and breach notice obligations, online and mobile advertising and tracking, data transactions, privacy due diligence, facial recognition and biometrics, cloud computing, AI, and financial privacy.

Career

Susan formerly co-chaired Cooley LLP's privacy group and co-led Perkins Coie's privacy group. She gained valuable in-house experience as Microsoft privacy counsel advising security, global sales and marketing, X-Box, HR, and legislative policy teams on privacy, data security, and online safety issues. She also served as former lead privacy counsel at Dell.

Professional Memberships

Board of Directors, IAPP, 2025 - Present

Westin Emeritus Fellow, IAPP

Privacy Bar Advisory Board Member, IAPP, 2021 - 2023

Co-Chair of RSA Conference Programming Privacy Track, 2018 - 2021

Adviser to the American Law Institute’s project for Principles of the Law: Data Privacy, 2013 - 2019

Privacy Advisory Committee Member to the City of Seattle

QLaw: the LGBTQ+ Bar Association of Washington

National Asian Pacific American Bar Association

Publications

“French Competition Authority Fines Apple €150M Alleging Market Power Abuse of Ad Privacy System,” Hintze Law Blog — April 1, 2025

“Final COPPA Rule Amendments: Definitional Changes,” Hintze Law Blog — February 6, 2025

“The FTC Issues Final COPPA Rule Amendment,” Hintze Law Blog — January 20, 2025

"Processor v. Controller Contractual Considerations Under GDPR," Data Processing Agreements: Coordination, Drafting, and Negotiation, IAPP — 2019

“First Steps Towards Regulating Facial Recognition Technology,” Data Protection Law & Policy — May 2016

“Privacy and Data Security Washington State Profile,” Bloomberg Privacy and Data Security — 2017

““I Agree,” Should Your Privacy Policy Be a Contract?” Copyright and New Media Law —2015-2016

"“I Agree” - Privacy Policy as a Contract," IP Issues in Business Transactions 2016, Practising Law Institute — January 2016

"Issues to Consider in Transfer of Personal Data as an Asset," IP Issues in Business Transactions 2015, Practising Law Institute — January 2015

"An Overview of Significant U.S. Data Breach Cases and Enforcement Actions," Chapter of Cybercrime and Security Treatise — 2010

"Personal Information Security," Chapter of Washington Nonprofit Handbook: How to Form and Maintain a Nonprofit Corporation in Washington State — 2009

Privacy Challenges to Smart Grid," Sustainable Industries — May 27, 2009

"US: Sony Music: $1 million FTC COPPA settlement," Data Protection Law & Policy — January 2009

"Prior to Data Loss, Check That Contract," Digital Transactions — December 2008

"New PCI Data Security Standards Expand Obligations," Privacy Advisor — November 2008

Expert in these Jurisdictions

Washington, California

Education