Spencer Soucy works exclusively with Littler's Privacy Practice Group and with CCPA/CPRA attorneys. She represents and counsels employers on all aspects of workplace privacy and information security in both the U.S. and internationally, including:

  • The California Consumer Privacy Act (CCPA), New York SHIELD Act, Virginia Consumer Data Protection Act, and other state data protection laws
  • The EU General Data Protection Regulation (GDPR) and other global data protection laws
  • Responding to security breaches in compliance with federal and state data breach notification requirements
  • Biometric data privacy issues
  • Social media and other new technologies
  • Platform privacy policies and terms of use
  • “Bring-your-own-device” programs, wearable devices, and other technologies in the workplace
  • Background checks and use of criminal history, including under the Fair Credit Reporting Act (FCRA) and state “ban-the-box” laws
  • The Health Insurance Portability and Accountability Act (HIPAA) and other health laws
  • The Federal Wiretap Act
  • Employee surveillance and monitoring, including under the Federal Electronic Communications Privacy Act, and Stored Communications Act
  • The Telephone Consumer Protection Act

Spencer is a Certified Information Privacy Professional (CIPP/US), and worked as a cybersecurity and data privacy associate assisting with incident response prior to joining Littler's New York office. 

She previously worked as a pre-bar associate in Littler’s San Francisco office before moving to New York City.

Affiliazioni professionali e istituzionali


International Association of Privacy Professionals (IAPP)


  • J.D., Washington University in St. Louis, School of Law, 2019
  • B.A., Washington University in St. Louis, 2015

Conoscenze linguistiche

  • Spagnolo

Foro di appartenenza

New York