Debevoise & Plimpton LLP announced today that Johanna Skrzypczyk (pronounced “Scrip-zik”) has returned to the firm’s New York office as counsel in its Data Strategy and Security practice. Ms. Skrzypczyk, who rejoins the firm after serving as Assistant Attorney General in the Bureau of Internet and Technology at the New York Attorney General’s Office, complements the practice’s existing capacity to assist clients facing increased regulatory scrutiny around cybersecurity events. Ms. Skrzypczyk will also advise clients on AI matters and privacy-oriented work, particularly related to the California Consumer Privacy Act.

Ms. Skrzypczyk brings to the firm a wide range of cybersecurity and litigation enforcement insight and experience from the NYAG’s office. Among her achievements there, Ms. Skrzypczyk helped draft the amendments to New York’s data breach law (known as the SHIELD Act), investigated, litigated, and negotiated the landmark settlement of an action against a national corporation regarding credential stuffing, one of the very few regulatory actions to address this widespread type of cyberattack, and co-led an initiative involving potential discriminatory impacts of AI. Ms. Skrzypczyk also worked on matters involving consumer privacy, data security and virtual markets.

“During the pandemic the frequency of cyber-related incidents has increased, along with scrutiny from state and federal regulators as to how AI and ‘big data’ may lead to discriminatory practices,” said Luke Dembosky, Co-Chair of the firm’s Data Strategy and Security practice said. “Johanna’s experience on the prosecutorial side will help us further expand the services we provide to our clients, while bolstering our ability to advise on issues related to data privacy and consumer fairness,” added Mr. Dembosky.

Prior to her role at the NYAG’s office, Ms. Skrzypczyk was a Debevoise litigation associate from 2010 until 2017. She received her B.A. from Boston College in 2006 and her J.D. from Columbia Law School in 2010.