Starr Turner Drum

Starr has extensive experience in developing globally-compliant privacy and information governance policies and programs to manage the content and volume of data and protect its safety and security. Starr is particularly equipped to support organizations with General Data Protection Regulation (GDPR) and California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA) compliance. The International Association of Privacy Professionals, the only globally-recognized credentialing program in information privacy, has certified Starr in privacy program management (CIPM), European data protection (CIPP/E), and as a Fellow of Information Privacy (FIP).

Starr has successfully developed internationally-compliant privacy and information governance plans and polices for private equity firms and their portfolio companies in a variety of industries. Her clients include software developers, government contractors, health care providers, banks, insurers, manufacturers, retailers, brokerage firms, talent agencies, and more. She has assisted organizations with privacy and security program implementation and training to ensure organizational compliance with plans and policies after development. Starr also helps clients assess privacy and cybersecurity risks associated with potential acquisition targets.

Starr has been litigating complex and class action matters since the start of her career and has been annually named a Mid-South Super Lawyers “Rising Star” in e-discovery since 2016. She has successfully represented her clients in numerous privacy and data breach civil litigation matters in state and federal courts. She has also handled multiple federal and international privacy and security-focused regulatory investigations for her clients

Starr also serves as a member of the Working Group 11 steering committee for the Sedona Conference, a nonpartisan research and educational institute dedicated to the advanced study of law and policy in the areas of antitrust law, complex litigation, intellectual property rights, and data security and privacy law. She also teaches privacy and data security law as an adjunct professor at the University of Alabama School of Law.

Affiliations

• Alabama State Bar Association
• Birmingham Bar Association, Women Lawyers Section Board Treasurer
• Birmingham Bar Association, Executive Committee, Place 1”
• Florida State Bar Association
• Georgia State Bar Association
• International Association of Privacy Professionals

Civic Involvement

• Board of Governors for City Club of Birmingham
• Birmingham Volunteer Lawyers Program
• WBHM Junior Advisory Board
• Indian Springs School Alumni Council
• Sedona Conference Working Group 11 Steering Committee
• Member of Sedona Conference Working Groups 6 and 11

• The Sedona Conference Commentary on the Enforceability in U.S. Courts of Orders and Judgments Entered under GDPR
• The Sedona Conference Commentary on Ephemeral Messaging
• The Four Ps of Privacy
• A Brief FAQ on the Latest CCPA Amendment Updates
• The Alabama Data Breach Notification Act of 2018
• California’s Sweeping New Law Set to Dramatically Shift Privacy Landscape
• “Responding to GDPR Pushback: The Business Case for Compliance” – International Association of Privacy Professionals
• Privacy Statement Deficiencies Could Have Greater Consequences in 2018
• One Year Until GDPR; Is Your Organization Prepared?

March 3, 2021, “The Sedona Conference Commentary on Ephemeral Messaging,” The Sedona Conference (Webinar)

October 20, 2020, “Privacy & Security in 2020: What’s Happened and What’s Coming,” Alabama Human Resources Management Conference (Webinar)

September 2, 2020, “Privacy & Security in 2020: What’s Happened and What’s Coming,” Association of Corporate Counsel, Alabama Chapter (Webinar)

July 30, 2020, “The Sedona Conference Commentary on the Enforceability in U.S. Courts of Orders and Judgments Entered under GDPR,” The Sedona Conference (Webinar)

June 24, 2020, “CCPA Enforcement is Right Around the Corner: Best Practices and Tips for Achieving Compliance,” Active Navigation (Webinar)

June 2, 2020, “Operationalizing Privacy and Data Security Compliance in Higher Education,” SCCE 2020 Higher Education Compliance Conference (Webinar)

April 15, 2020, "U.S. Judicial Enforcement of Orders Entered Under the EU General Data Protection Regulation (GDPR)," The Sedona Conference Working Group 11 Annual Meeting 2020 (Webinar)

April 7, 2020, “Staying In Your Privacy Lane: Knowing Your Role and Knowing When to Ask for Help,” IAPP Global Privacy Summit 2020 (Washington, D.C.)*

January 30, 2020, “Privacy in 2020: Where do GDPR and CCPA Stand and What Comes Next,” ControlCase 2020 Data Security and Compliance Summit (Orlando, FL)

November 22, 2019, “There’s An App for That: The ‘Sharing Economy’ and Data Privacy,” Birmingham Bar Association CLE (Birmingham, AL)

July 18, 2019, “Online Privacy: Who’s Monitoring You and How?,” Alabama State Bar Annual Meeting (Point Clear, AL)

June 20, 2019, “U.S. Judicial Enforcement of Orders Entered Under the GDPR,” The Sedona Conference Working Group 11 International Programme Meeting (Hong Kong)

April 3, 2019: “Subject Access Rights Under the GDPR,” International Privacy + Security Forum (Washington, D.C.)

March 8, 2019, “Stuff You Didn’t Learn in Law School: Hot Topics in Privacy and Cybersecurity Law,” Birmingham Bar Membership Forum (Birmingham, AL)

February 28, 2019, “U.S. Judicial Enforcement of Orders Entered Under the EU General Data Protection Regulation (GDPR),” The Sedona Conference Working Group 11 Annual Meeting 2019 (Houston, TX)

February 1, 2019: “Automation and Appellate Advocacy,” Cumberland Law Review Symposium (Birmingham, AL)

November 15, 2018: “GDPR Compliance,” ControlCase 2018 Data Security and Compliance Summit (Ft. Lauderdale, FL)

August 24, 2018: “Navigating the Wild West of Online Privacy in a Rapidly Changing Legal Landscape,” Birmingham Bar Association CLE (Birmingham, AL)

June 28, 2018: “Privacy and Data Security Law: an Overview,” Alabama State Bar Annual Meeting (Sandestin, FL)

April 17, 2018: “Data Privacy and Security Laws: Their Broad Reach and Enforcement.” Birmingham Bar Association Women Lawyers Section CLE (Birmingham, AL)

April 10, 2018: “GDPR Overview and Discussion,” IAPP Birmingham KnowledgeNet Chapter Meeting (Birmingham, AL)

August 24, 2017: “ESI,” Alabama State Bar Lawyer University (Montgomery, AL)

*Postponed due to COVID-19