Kelly DeMarchis Bastide
Kelly handles all facets of a notifiable data security event, from initial advice through regulatory inquiries. She has represented dozens of clients in investigations before various federal and state government bodies, including the Federal Trade Commission (FTC), and takes pride in understanding client needs to better advocate on their behalf.
Because Kelly and her team work with clients of all sizes in so many industries and jurisdictions, they are well positioned to provide market comparisons and benchmarks so clients know where they stand in relation to their peers. She also helps ensure that clients are following industry best practices. Backed by the firm's Corporate Group, her team also advises on the privacy aspects of corporate transactions.
As states continue to develop new privacy requirements at a rapid pace, Kelly keeps clients updated on the laws and regulations that impact them the most. She advises on myriad state breach notification and security laws, including the California Consumer Privacy Act (CCPA), the Colorado Privacy Act (CPA), and other omnibus and specialty state laws. She also offers focused counsel on compliance with FTC guidance and is an experienced advisor on the Children's Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA). In addition to deep knowledge of U.S. laws and regulations, Kelly has vast experience helping clients understand European Union data protections, including the General Data Protection Regulation (GDPR), the United Kingdom GDPR, and the ePrivacy Directive.
With a keen interest in the data collection practices of consumer brands and luxury product manufacturers, Kelly also counsels on how privacy laws uniquely touch these industry sectors. Notably, she has worked with dozens of nonprofit organizations of all sizes on the national and local levels to help them assess privacy compliance and develop privacy programs. Kelly also has extensive experience with privacy issues unique to manufacturers of connected vehicles and industry sectors such as mobility, EdTech, and wellness. Her experience further incorporates navigating the laws governing remote gaming and gambling and advising on disclosures in relation to endorsements and testimonials.
Related Practices
Experience
Representative Matters
- Serves as long-standing outside privacy counsel to significant players in the EdTech space, advising on all aspects of privacy compliance to include FERPA, COPPA, and state student privacy laws
- Assessed the global privacy program of a multinational Fortune 500 company in line with the National Institute of Standards and Technology (NIST) Framework, with output including a three-year workplan to help the company mature its privacy program
- Represented more than a dozen companies in investigations before the FTC, including a multiyear data security investigation resulting from a breach that resulted in no enforcement action, and represented companies investigated for alleged privacy violations, consumer protection violations, and violations of the FTC's endorsements and testimonials guidance
Insights
Credentials
Education
- J.D. University of Virginia School of Law 2004
- Business editor, Virginia Environmental Law Journal
- A.B. Philosophy and English Duke University 2000
Bar Admissions
- District of Columbia
- Pennsylvania
Court Admissions
- U.S. Court of Appeals for the Sixth Circuit
- U.S. District Court for the Western District of Pennsylvania
Professional Memberships and Activities
- Member, Asian Professional Exchange (APEX)
- Member, Firm Council, Venable
Recognition
- Legal 500, Media, Technology and Telecoms - Cyber Law (including data privacy and data protection), 2021 – 2025
- The Best Lawyers in America, 2024 – 2025