Karen has a broad background in managing businesses that provide governance, risk management and compliance (GRC) services. With nearly 30 years of experience, she builds and manages organizations that provide data protection (privacy and cybersecurity compliance), digital forensics, cyber investigations, and data breach notifications, as well as having focused those teams and her career on providing subject matter expertise across the GRC spectrum.

As founder of one of the first digital forensics consulting firms in the 90’s, she quickly became a thought leader in the areas of e-discovery and digital forensics and focused on intellectual property, securities and insider trading investigations. Over the years she has authored wide-ranging information governance, data protection and e-discovery books and articles and has provided expert testimony for several high stake’s litigations, among being named an expert in more than 100 cases.

  Prior to BDO, she held senior level positions in the above specialties and worked as a Senior Forensic Examiner for the United States Securities & Exchange Commission. She has also held board positions with industry associations and information governance companies in the past.   Karen currently serves as the Data Protection Officer (DPO) for Fortune 50 and Fortune 1000 companies across several industries. In her capacity she has worked with Data Protection Authorities, Supervisory Authorities and Data Subjects on EU Global Data Protection Regulation (GDPR) obligations. As well she regularly reviews and evaluates privacy operations, individual rights management capabilities, and data governance requirements. And, finally, she works with her privacy clients to ensure global compliance and to assist them with establishing privacy and governance operations.

Taryn Crane is a Director in the firm’s Governance, Risk & Compliance practice and leads the firm’s Privacy and Data Protection services. She has consulting experience working across several markets including financial services, insurance, hospitality, technology, pharmaceuticals, industrial, and nonprofits, with a focus in data privacy, enterprise information management, data governance and data analytics. Her experience includes performing gap analyses and risk assessments, privacy program implementation, data mapping and modeling, data quality reporting, user experience (UX) design, process documentation and design thinking. Taryn has served clients as a Privacy Director, leading the implementation of various privacy initiatives to comply with global data privacy regulations. She has led a Data Protection Officer (DPO) team, providing guidance and monitoring compliance for multiple global companies. She is certified as a Project Management Professional (PMP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional/Europe (CIPP/E) and Certified Information Privacy Professional/US Private Sector (CIPP/US), Fellow of Information Privacy (FIP), and Certified Data Privacy Solutions Engineer (CDPSE).

Daniel advises clients in the Fintech, blockchain, defi, Web3 and NFT ecosystems – and those who interact with them – on the strategic and commercial issues core to their business models, particularly at the intersection of intellectual property and data. He serves as global head of Orrick’s multi-disciplinary Fintech practice.

Nick Farnsworth advises clients on U.S. and international privacy, security and data enablement requirements and strategies. Nick develops comprehensive data protection programs and risk management solutions for the development, use and acquisition of advanced technologies, including ad tech, automated and connected vehicles, biometric tools, machine learning and artificial intelligence. He also advises on security incidents and breach notification requirements and prepares clients for regulatory inquiry and government investigation.