Photo of Amy Gordon

Amy Gordon is an associate in the Litigation Department and a member of the Product Liability group. Amy’s practice focuses on a wide range of complex civil and commercial litigation matters, including product liability defense, class action defense, privacy and data security, and telecommunications disputes. She is also a member of the litigation team representing the Financial Oversight and Management Board in the Commonwealth of Puerto Rico’s bankruptcy proceedings.

In addition, Amy advises clients across industries on economic sanctions and asset forfeiture related issues.

Amy earned her J.D. from the University of Texas School of Law, where she was a Cybersecurity Graduate Fellow and served as Chief Notes Editor for The Review of Litigation.  During law school, Amy interned for the Honorable Nicholas G. Garaufis in the United States District Court for the Eastern District of New York.

On January 1, 2021, Congress enacted the Corporate Transparency Act as part of the Anti-Money Laundering Act of 2020 to “better enable critical national security, intelligence, and law enforcement efforts to counter money laundering, the financing of terrorism, and other illicit activity.” FinCEN issued the final rule on Beneficial Ownership

Judge Jeffrey White of the Northern District of California recently dismissed a putative class action lawsuit in which plaintiffs claimed they faced an imminent threat of future of harm in the form of identity theft and fraud because their personal information, specifically their driver’s license numbers, may have been compromised

The FTC indicated that it will use its rulemaking authority under the FTC Act’s Section 18 to create a new rule that will likely seek to rein in broad data collection and use.

In October 2021, FTC Commissioner Rebecca Kelly Slaughter made two speeches in which she expressed a desire to move beyond the FTC’s “notice-and-consent” framework to address broader surveillance practices that underlie the digital advertising economy, specifically by applying “bright-line purpose and use restrictions that minimize the data that can be collected and how it can be deployed.”