Kristin M. Hadgis counsels and defends retail and other consumer-facing companies in matters relating to privacy and cybersecurity, class actions, Attorney General investigations and enforcement actions, the California Consumer Privacy Act, consumer protection laws, retail operations, loyalty and gift card programs, and commercial disputes. Kristin also handles data security incident response crisis management, including any resulting litigation or government investigations.
Kristin has advised hundreds of companies in connection with privacy and cybersecurity compliance issues such as privacy policies, information security policies, incident response plans, and protocols for data collection, storage, and transfer. Her experience includes the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), state data security laws, the Fair Credit Reporting Act (FCRA), the Fair and Accurate Credit Transactions Act (FACTA), US federal and state CAN-SPAM laws, the Telephone Consumer Protection Act (TCPA), Federal Trade Commission (FTC) rules, the Securities and Exchange Commission privacy regulations (Reg. S-P), the Children’s Online Privacy Protection Act (COPPA), and the Family Educational Rights and Privacy Act (FERPA). Kristin has advised on more than 250 data breaches in her career, counseling clients on how best to give notice to affected individuals or government and consumer reporting entities, following proper compliance protocol. Kristin also represents these companies on any class action and other litigation stemming from the incidents, and instructs them on implementing policies and procedures to prevent and mitigate future breaches.
Kristin also understands the unique issues and challenges facing retail, e-commerce and other consumer-facing companies, and routinely advises these clients on a variety of legal, regulatory, and operational matters. She works closely with clients on retail operations and compliance, including the launch of bricks and mortar stores across the United States and e-commerce platforms. She also counsels retail and consumer-facing clients on loyalty programs, gift cards, marketing and advertising, social media, price comparison, fraud prevention, online contracting and website terms, and privacy and data security compliance.
She is a member of the firm’s retail and privacy and cybersecurity practices as well as its class action working group. Kristin routinely writes articles on developments in the law on consumer and data privacy matters
In her pro bono practice, Kristin represents children in dependency proceedings through the Support Center for Child Advocates.
Prior to joining Morgan Lewis, Kristin clerked for Judge Timothy R. Rice of the US District Court for the Eastern District of Pennsylvania. While attending law school, she was a legal extern for Judge Juan R. Sanchez in the same court.
Privacy and Cybersecurity
Drafted website privacy policies for hundreds of companies
Assisted dozens of companies to prepare for the CCPA and the EU GDPR. The work included a review of clients’ privacy programs, privacy policies, security policy, and contracts
Defending consumer-facing companies in Telephone Consumer Protection Act litigation, including successfully obtaining favorable settlements
Successfully managed more than 250 data breach incidents, including determining and executing notification requirements, assisting clients with investigative and remedial actions, and pursuing cost recoveries against insurers or responsible parties
Advised businesses and nonprofits on data sharing and data privacy compliance, including under Gramm-Leach Bliley Act and Regulation S-P
Retail and E-Commerce
Defending national retailers in price comparison class actions
Representing national retailers in data incident class actions filed across the country
Won motion to dismiss lawsuit under FACTA for information printed on credit card receipts
Successfully obtaining dismissal of claims brought against retailers under the New Jersey Truth-in-Consumer Contract, Warranty and Notice Act
Advised retailers through all phases of launching e-commerce platforms and bricks and mortar stores
Counseled national retailers on buying club compliance for new online programs
Advised dozens of retailers on loyalty programs
Won motion to dismiss lawsuit under FACTA for information printed on credit card receipts provided by retail companies at the point of sale
Villanova University School of Law, 2008, J.D., Magna Cum Laude
Franklin & Marshall College, 2003, B.A.
US Court of Appeals for the Third Circuit
US Court of Appeals for the Fourth Circuit
US District Court for the Eastern District of Pennsylvania
US District Court for the District of New Jersey
Clerkship to Judge Timothy Rice of the US District Court for the Eastern District of Pennsylvania (September 2008 - April 2009)
Awards and Affiliations
They’ve Got Next: Privacy and Cybersecurity, Bloomberg Law (October 2021)
Distinguished Advocate for Children, Support Center for Child Advocates in Pennsylvania (2021)
Named 2014 Pennsylvania Product Liability Department Of The Year by The Legal Intelligencer