James Thomas Shreve

Partner

312.443.0656

More ways to contact James Shreve

Jim helps clients facing complex cybersecurity and privacy issues, particularly those in the country's most highly regulated industries.

Speaking Engagements

Privacy + Security Forum: Spring Academy
Overview
Representative Matters
Insights
Awards

Jim advises all types of companies on the myriad legal concerns surrounding confidential information and how such information is stored and transmitted. Applying the law to rapidly changing technology and software capabilities, he provides clients with a profile of their potential risk, then works closely with executive leadership, legal, IT, and compliance information security teams to develop a comprehensive and practical plan for risk avoidance and responding to cyber and data issues.

In a security breach, Jim draws on his years of experience handling thousands of incidents to counsel clients through every step of cyber and information security incidents, including notification, reporting, and all associated state, federal, and global regulatory requirements.

Jim helps clients develop robust and responsive security and privacy policies and governance documents, meet applicable data safeguarding requirements, and implement compliance programs.

Jim presents on a variety of cybersecurity topics for industry organizations and associations, including the RSA Conference, International Association of Privacy Professionals, ABA, and Mortgage Bankers Association. He is a Fellow of Information Privacy and holds CIPP/US and CIPT certifications from the International Association of Privacy Professionals.

Data Breach Response

  • Assist clients through thousands of data security incidents, including interactions with federal, state, and foreign agencies, forensic investigations, consumer notifications, and remedial following any incident.

Regulatory Advice

  • Guide client responses to regulatory inquiries, investigations, and enforcement actions relating to privacy, information security, or cybersecurity issues.
  • Coordinates with a broad range of financial institutions, including banks, Securities and Exchange Commission (SEC)-regulated entities, mortgage lenders or servicers, or service providers to financial institutions in meeting bank-level security expectations of regulators or business partners. Counsels entities working with financial institutions, who must meet the more stringent security requirements of the financial industry.
  • Work with higher education institutions to comply with legal and regulatory requirements for privacy and cybersecurity.

Fintech Experience

  • Advise new and expanding fintech companies regarding the application of privacy and security requirements to new technologies and business models, as well as related financial services requirements, such as payments standards, anti-money laundering compliance, and licensing.

Artificial Intelligence

  • Work with clients in assessing risks from and complying with existing and new legal guardrails in the development and use of artificial intelligence platforms.
  • JD Supra, Readers Choice Award, Data Privacy (2021)
  • Legal 500, Next Generation Lawyer, Cyber Law (Data Protection and Privacy) (2017-2019)
  • Chambers Global, Associate to Watch, Privacy and Data Security (2016)
  • Chambers USA, Associate to Watch, Privacy and Data Security (2015)
Overview

Jim advises all types of companies on the myriad legal concerns surrounding confidential information and how such information is stored and transmitted. Applying the law to rapidly changing technology and software capabilities, he provides clients with a profile of their potential risk, then works closely with executive leadership, legal, IT, and compliance information security teams to develop a comprehensive and practical plan for risk avoidance and responding to cyber and data issues.

In a security breach, Jim draws on his years of experience handling thousands of incidents to counsel clients through every step of cyber and information security incidents, including notification, reporting, and all associated state, federal, and global regulatory requirements.

Jim helps clients develop robust and responsive security and privacy policies and governance documents, meet applicable data safeguarding requirements, and implement compliance programs.

Jim presents on a variety of cybersecurity topics for industry organizations and associations, including the RSA Conference, International Association of Privacy Professionals, ABA, and Mortgage Bankers Association. He is a Fellow of Information Privacy and holds CIPP/US and CIPT certifications from the International Association of Privacy Professionals.

Representation Matters

Data Breach Response

  • Assist clients through thousands of data security incidents, including interactions with federal, state, and foreign agencies, forensic investigations, consumer notifications, and remedial following any incident.

Regulatory Advice

  • Guide client responses to regulatory inquiries, investigations, and enforcement actions relating to privacy, information security, or cybersecurity issues.
  • Coordinates with a broad range of financial institutions, including banks, Securities and Exchange Commission (SEC)-regulated entities, mortgage lenders or servicers, or service providers to financial institutions in meeting bank-level security expectations of regulators or business partners. Counsels entities working with financial institutions, who must meet the more stringent security requirements of the financial industry.
  • Work with higher education institutions to comply with legal and regulatory requirements for privacy and cybersecurity.

Fintech Experience

  • Advise new and expanding fintech companies regarding the application of privacy and security requirements to new technologies and business models, as well as related financial services requirements, such as payments standards, anti-money laundering compliance, and licensing.

Artificial Intelligence

  • Work with clients in assessing risks from and complying with existing and new legal guardrails in the development and use of artificial intelligence platforms.
Insights

Speaking Engagements

Privacy + Security Forum: Spring Academy

Speaking Engagements

DRI 2025 Insurance Roundtable

Articles + Publications

FTC Settlement Spotlights Security of APIs Proliferating Across the Internet

Articles + Publications

2024 Privacy, AI & Cybersecurity Year in Review

See all insights from James Shreve

Awards
  • JD Supra, Readers Choice Award, Data Privacy (2021)
  • Legal 500, Next Generation Lawyer, Cyber Law (Data Protection and Privacy) (2017-2019)
  • Chambers Global, Associate to Watch, Privacy and Data Security (2016)
  • Chambers USA, Associate to Watch, Privacy and Data Security (2015)

Top areas of focus

  • Member, International Association of Privacy Professionals (IAPP)
  • Fellow of Information Privacy (FIP), CPCU Society

Education

  • University of Pittsburgh School of Law, J.D., 1998
  • Lake Forest College, B.A., 1992

Bar Admissions

  • Illinois
  • District of Columbia
  • Maryland
  • Speaker, “On the Hook: Understanding Personal Exposure for Data Guardians,” Privacy + Security Forum: Spring Academy, May 8, 2025.
  • Speaker, “Privacy Training for Company Employees,” DRI 2025 Insurance Roundtable, March 12, 2025.
  • Speaker, “All About Business: HI Robots: An In-House Counsel’s Guide to Navigating Artificial Intelligence,” Missouri Bar/Missouri Judicial Conference Annual Meeting, September 18-20, 2024.
  • Speaker, “Ethical Considerations of Embracing & Using Generative AI: From ‘How Do I?’ to ‘Should I?’” Missouri Bar/Missouri Judicial Conference Annual Meeting, September 18-20, 2024.
  • Certified Information Privacy Professional/United States (CIPP/US)
  • Certified Information Privacy Technologist (CIPT), International Association of Privacy Professionals