Amber serves as the Deputy Chair of Bond’s Data Privacy and Cybersecurity practice and maintains Certified Information Privacy Professional/United States (CIPP/US) and Certified Information Privacy Professional/European (CIPP/E) credentials through the ANSI-accredited International Association of Privacy Professionals.

Amber represents a wide range of clients across all industries, including retail, hospitality, manufacturing, development, higher education, technology, health care and media. She currently serves as part-time corporate counsel at Paychex, Inc. where she advises on privacy and cybersecurity matters. 

Privacy Compliance

Amber advises clients on cybersecurity and data privacy compliance issues, including state, federal and international cybersecurity and data privacy laws. Her practices involves counseling clients on managing and mitigating risks associated with the collection, use and disclosure of personal data. Amber assists clients with the development of comprehensive privacy programs and policies, retention and records management, risk assessments and response to data subject requests and complaints. Her broad experience with various data privacy regimes including the California Consumer Privacy Act (CCPA), the European Union’s General Data Protection Regulation (GDPR), China’s Personal Information Protection Law (PIPL), the Illinois Biometric Information Privacy Act (BIPA), the Children’s Online Privacy Protection Act (COPPA), the Federal Trade Commission (FTC) and the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) provides clients with robust knowledge of industry laws and regulations. 

Transactions and Technology

Amber’s practice often focuses on the intersection of data privacy, technology and transactions. She assists clients with complex contract review and negotiation, including strategic risk mitigation for cybersecurity and data privacy liabilities and drafting data protection and data transfer agreements. Amber advises clients on merger and acquisition strategy for data privacy and cybersecurity issues including due diligence and structure review. In addition, she advises clients on product and technology development and implementation with a specific focus on compliance with data protection safeguards and standards. 

Data Breach Response 

Amber counsels clients on multi-jurisdiction data breach response including reporting obligations for various state, federal and international cybersecurity laws. She assists clients in developing proactive data protection programs and information security policies. Amber works closely with cybersecurity forensic teams to assist in the investigation and remediation portions of a cybersecurity event.  

Amber’s practice focuses on: 

  • Data audit and risk assessment
  • Privacy compliance review and program implementation
  • MSA, SaaS, Cloud Service, Technology agreements drafting and negotiation
  • Privacy notices, policies and terms of use agreements
  • Data protection and security addenda drafting 
  • M&A privacy and cybersecurity diligence review 
  • Cybersecurity insurance review
  • Vendor security assessment
  • Remediation strategy and implementation
  • Data subject request and response policies and procedure
  • Records management procedures, policies and guidelines implementation
  • Employee privacy training and handbook review


  • Listed in:
    • The Best Lawyers in America® Ones to Watch, Corporate Law; Mergers and Acquisitions Law and Privacy and Data Security, 2021-2024
    • New York Super Lawyers® Rising Star, Technology Transactions, 2023 
  • New York State Bar Association 
  • Onondaga County Bar Association
  • CNY Women’s Bar Association 
  • Syracuse College of Law Alternate Dispute Resolution Competition, Winner Fall, 2016
  • Syracuse College of Law Alternate Dispute Resolution Competition, Best Advocate, Fall 2016
  • Business Editor, Volume 67, Syracuse Law Review; Editorial Member, Volume 66
  • Moot Court Honor Society
  • St. Lawrence University, Government Honors, Thesis: Public Financing of Elections: A Comparative Analysis of US Presidential and US Gubernatorial Elections, 2014.
  • Bernard J. Lammers Award, Leadership and Research in the Study of Government, 2014 
  • Omicron Delta Kappa

  • Panelist, Don't Crack Under Pressure: Why Tabletop Exercises are Important!, iSecure, January 31, 2024
  • A Special Episode Celebrating Cybersecurity Awareness Month, Legally Bond Podcast, October 10, 2023
  • Developing a Strategy to Comply with Multiple State Privacy Laws, International Legal Technology Association, October 25, 2022
  • Legal Issues in Cyber Incident Response, MACNY Cybersecurity Summit, September 29, 2022
  • Panelist, Buffalo chapter of The Institute for Supply Management®, “Cybersecurity Risk Mitigation; Lessons Learned from Ransomware Triage,” May 6, 2022
  • Co-Panelist alongside Scott Charney, VP of Security Policy at Microsoft Corporation and Kevin Minsky, Senior Legal Counsel of Product Compliance at DocuSign; Cybersecurity and Data Privacy Career Panel, Syracuse University College of Law, February 17, 2022
  • A Special Episode with Amber Lawyer, World Data Privacy Day, Legally Bond Podcast, January 28, 2022
  • An Interview with Amber Lawyer, Cybersecurity and Data Privacy, Legally Bond Podcast, September 27, 2021
  • NY SHIELD Act – Are You in Compliance?, Human Resources Association of the Twin Tiers, August 12, 2021
  • The ABCs of Data Privacy: GDPR, CCPA, NY SHIELD Act and More, Monroe County Bar Association, April 16, 2020
  • Data Privacy and Cybersecurity Legal Overview: How to Comply With New Data Protection Laws and What to do in the Event of a Data Breach, MACNY Cyber Security Summit, March 13, 2020
  • GDPR, California Consumer Privacy Act, and NY SHIELD Act, American Payroll Association NYS Capital Region Chapter Meeting, September 19, 2019

  • Selection Committee, Kurt Wimmer IAPP Westin Scholar Award
  • Association for Data and Cyber Governance
  • Board Member, Syracuse City Ballet, Inc.