Press Release: 3/9/2026

Top Insights from the Boston Bar Association’s 2025 Digital Law Conference

 

Press Inquiries

If you have any questions or would like to be in touch with the BBA press office, please contact:

Ron Simms, Jr.

Director of Communications

• rsimms@bostonbar.org

By Miriam Duvall, Associate, Pierce Atwood

The Boston Bar Association hosted its annual Privacy, Cybersecurity and Digital Law Conference on November 19, 2025. Attendees heard insights from local experts on new data privacy legislation, increased data privacy and security class action activity, the latest fraud threats fueled by AI, and developing trends in data de-identification.

The program began with the panel discussion, Privacy Law in Massachusetts: the Massachusetts Data Privacy Act and Beyond, moderated by John Weaver, Chair of the Artificial Intelligence Practice at McLane Middleton. Speakers Kevin Angle, Senior Counsel, Holland & Knight LLP, Caitriona Fitzgerald, Deputy Director, Electronic Privacy Information Center (EPIC), and Michael Bergan, Partner, Tremont Strategies Group, focused on data privacy legislation moving through the Massachusetts Statehouse. The panelists agreed that although the Legislature moves slowly, there is considerable energy around this iteration of a comprehensive privacy bill, and they were cautiously optimistic that there could be continued progress in the coming year.

Next, David Quinn Gacioch, Partner at McDermott Will & Schulte, Melanie A. Conroy, Partner at Pierce Atwood LLP, Patrick Vallely, Partner at Shapiro Haber & Urmy LLP, and Andrew Kingman, President of Mariner Strategies, LLP, presented, Privacy Class Action Trends and Perspectives-2025 and Beyond. They discussed recent developments in privacy and data security class action filings, including cases filed under the Electronic Communications Privacy Act, and the California Invasion of Privacy Act. Speakers noted the sustained growth of these types of cases and evolving plaintiff theories, in addition to increasing recovery amounts by plaintiffs.

In Deepfakes: A Demonstration of How They are Made and Used by Threat Actors,  Adam Hart, Vice President at Charles River Associates, Kaitlyn Karpenko, Assistant Attorney General at the Massachusetts Attorney General’s Office, and Linn Freedman, Chair of the Data Privacy & Cybersecurity Team at Robinson & Cole LLP, provided an overview of various types of fraud now being seen across industries, which are driven by bad actors having access to AI. The speakers demonstrated just how easy it can be to create audio and video deepfakes using widely accessible tools. Presenters forecasted increasing challenges to remote authentication and emphasized the business value of employee education. They also covered ongoing efforts by the judiciary to monitor AI issues in evidentiary disputes.

Lastly, Scott Lashway, Member/Co-Chair of the Privacy & Cybersecurity Practice at Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, PC, as well as Liza Cotter, Partner at Weil, Gotshal & Manges LLP, and Beatrice Botti, Senior Vice President, Chief Privacy Office at DoubleVerify Inc., presented, Who am I? De-Identification Standards in the US, EU and Beyond. They discussed the complexities of deidentifying data across different use cases in different regulated industries, and emphasized how more powerful computing will require stronger standards to keep de-identified data anonymous.