Michelle Hon Donovan is a commercial lawyer, specializing in intellectual property, privacy, data protection, technology transactions and other commercial contracts. Ms. Donovan's clients represent a wide range of industries, including pharmaceutical and biotechnology, high-end consumer electronics, software, automotive, music, cosmetics and personal care products, real estate development, education, staffing, food and beverage, cannabis, and social networking.
Ms. Donovan's intellectual property matters include:
- Domain Names
- Social Media
- Unfair Competition
Ms. Donovan handles both prosecution and enforcement of trademarks and copyrights. This includes assisting brand owners in developing global brand protection strategies, domestic and international filing, and international opposition and enforcement strategies. She also advises clients on transactional and compliance matters specific to advertising and digital marketing. Recognizing the value of achieving prompt resolutions to disputes and avoiding costly litigation, Ms. Donovan has often used her skills, judgment, and creativity to negotiate favorable outcomes for clients and frequently obtains complete relief without filing a lawsuit. When settlement is not desired or practical, Ms. Donovan tirelessly fights for her clients' rights to summary judgment and trial.
Ms. Donovan is listed in the 2021 edition of World Trademark Review 1000 list of the World's Leading Trademark Professionals as one of the top trademark lawyers in California: Prosecution and Strategy and Enforcement and Litigation. The publication noted that Ms. Donovan is an "intelligent, astute attorney with a no-nonsense approach, by which she gets to the heart of matters quickly and deals with them pragmatically and cost-efficiently."
- GLBA / Safeguards Rule
- Breach Notifications
- Regulatory investigations
Ms. Donovan regularly counsels clients in the complex areas of privacy and cybersecurity, including cybersecurity preparedness, regulatory compliance and investigations, and data breach response. She also counsels clients on the rapidly changing field of data privacy, including the California Consumer Privacy Act (CCPA). She has developed a particular area of expertise in the privacy and cybersecurity issues specific to higher education. .
Ms. Donovan also negotiates and drafts various technology transactions, licensing and other commercial contracts, including contracts relating to intellectual property, software, SaaS, and API licenses, software and website development, manufacturing and distribution, digital marketing, SEO, PPC, PPL, website terms, and consulting/independent contractor agreements.
- Represented a variety of clients in the biotechnology, pharmaceutical, high tech, and software industries to prepare and prosecute domestic and international applications
- Represented clients in the prosecution and defense of oppositions and cancellation actions filed before the Trademark Trial and Appeal Board.
- Represented clients in the prosecution and defense of international oppositions, non-use cancellations and removal actions throughout the world.
- Filed appeal of refusal of registration before the Trademark Trial and Appeal Board
- Represented school with breach incident involving consumer and attorney general breach notifications covering 43 states, remedial action, and developing compliant cybersecurity and incident response plans.
- Represented large multi-campus college with data breach incident, involving multi-state breach notifications, remedial action and developing security breach incident response plans.
- Represented college with data breach incident in California, including breach notification, remedial action, and developing security breach incident response plans.
- Obtained a decision in the Central District of California defeating a highly contentious bid for preliminary injunction over the alleged violation of California wiretap and privacy laws, affirmed by the Ninth Circuit on appeal.
- Prepared comprehensive Information Security Programs for clients, compliant with GLBA, Safeguards Rule, FERPA, Red Flags Rule, and PCI data security standards.
- Advise companies of all sizes on complex privacy issues.
- Technology Transactions, Licensing and Commercial Contracts Represent manufacturers in the biotech / pharmaceutical space with manufacturing and supply agreements.
- Represented an operator of premier vacation home properties in a $10 million acquisition of a Missouri tourism center and accompanying intellectual property.
- Represented various manufacturers with domestic and international distribution agreements
- Represented California college in licensing curriculum and trademarks to third-party schools
- Represented franchisor with software development and licensing agreements
- Represented numerous companies with online advertising and marketing agreements.
- Non-disclosure agreements
- Represented biotechnology imaging company sued for patent infringement of imaging method patents. Obtained favorable settlement after obtaining partial summary judgment on all but one claim.
- Represented a California college in a trademark infringement action. A direct competitor was using the client's trademarks in the meta data of its webpage. We obtained consent judgment of infringement and payment of damages.
- Represented a designer in bringing a copyright infringement suit against an infringing competitor. Obtained favorable settlement for the client.
- Represented cloud-based music storage service in a copyright infringement case brought by a group of major record labels and publishers. Won a favorable summary judgment decision involving issues of first impression related to storing and playing music from the cloud.
- Represented nationwide staffing corporation in a trademark infringement action. Assisted client in bringing an action to protect its registered trademark; obtained settlement where defendant agreed to change its name and pay damages.
- Represented Las Vegas casino and resort sued by lighting designer for copyright infringement. We obtained summary judgment of non-infringement.
- Represented a pharmaceutical research institute sued for patent infringement of imaging method patents. Obtained summary judgment of non-infringement.
- Represented multiple educational institutions in connection with the misappropriation of the schools' name in connection with internet scam websites and degree mills. We assisted the clients in obtaining registered trademarks and pursuing those who misappropriated our clients' trademarks through arbitration under the Uniform Domain-Name Dispute Resolution Policy.
- Advise companies of all sizes on cybersecurity issues and privacy.
Cybersecurity and Privacy
Intellectual Property Litigation
Cybersecurity and Privacy
Areas of Practice
- Intellectual Property
- Internet Marketing/Lead Generation
- Cybersecurity and Data Breaches
- U.S. Patent and Trademark Office
- U.S. District Court for the Central District of California
- U.S. District Court for the Northern District of California
- U.S. District Court for the Southern District of California
- U.S. District Court for the Eastern District of California
- U.S. District Court for the Central District of Illinois
- U.S. Court of Appeals for the Ninth Circuit
- U.S. Court of Appeals for the Federal Circuit
- University of San Diego School of Law, J.D., cum laude, 2004
Order of the Coif
Comments Editor, San Diego International Law Journal
- University of Minnesota, B.S., Genetics and Cell Biology, 1999
- Duane Morris LLP
- Partner, 2014-present
- Associate, 2005-2013
- Buchanan Ingersoll
- Associate, 2004-2005
- Summer Associate, 2003
- The Honorable Ruben B. Brooks, Federal District Court, Southern District of California
- Extern, 2004
- The Salk Institute, Ron Evans Gene Expression Laboratory
- Research Assistant, 1999-2001
Lavin Entrepreneurship Center, Advisory Board
The Comfort Cub Program, Advisory Board
International Trademark Association
- Lawyers Club
- State Bar of California
- San Diego Bar Association
Honors and Awards
- Listed in the 2021 and 2022 editions of the World Trademark Review 1000 list of the World's Leading Trademark Professionals as one of the top trademark lawyers in Prosecution and Strategy and Enforcement and Litigation
Civic and Charitable Activities
Co-founder of Lavin Entrepreneurship Advocacy Program (LEAP), a legal advocacy programoffered in partnership with San Diego State University and the University of San Diego School of Law to pair SDSU student entrepreneurs with USD law students and Duane Morris attorneys to offer legal assistance for start-up businesses (2017-present)
- Mama's Kitchen, San Diego, California. Board of Directors (2009-2012; Volunteer (2007-present): Non-profit organization, providing hot meals to persons suffering from HIV and cancer
- Lilith's Hands, San Diego, California. Founder & President (2001-2002): Organized and promoted charity concert to benefit women in the community, including sexual assault and domestic violence programs
- Co-author, "The CCPA Employee Exemption Sunsets at the End of 2022 – Here's What Employers Need to Know," Duane Morris Alert, September 15, 2022
- Co-author, "USA: A Closer Look at Cybersecurity Funding After the Infrastructure Investment and Jobs Act 2021," One Trust Data Guidance, March 2022
- Co-author, "FTC Strengthens Data Security Requirements Applicable to Institutions of Higher Education," Duane Morris Alert, January 6, 2022
- Co-author, "What the FTC Notice of Penalty Offenses Means for the For-Profit Education Sector," Duane Morris Alert, October 7, 2021
- Co-author, "Supreme Court Rules for Narrow Definition of 'Autodialer' in Telephone Consumer Protection Act Case," Duane Morris Alert, April 6, 2021
- Co-author, "Virginia Consumer Data Privacy Act Becomes Law," Duane Morris Alert, March 23, 2021
- Author, "Department of Education Announces Campus Cybersecurity Program and Implementation Plan," Duane Morris Alert, February 2, 2021
- Co-author, "California Voters Approve the California Privacy Rights Act," Duane Morris Alert, November 9, 2020
- Author, "California Department of Justice Proposes Modifications to Finalized CCPA Regulations," Duane Morris Alert, October 27, 2020
- Author, "CCPA Regulations Amended and Effective Immediately," Duane Morris Alert, August 24, 2020
- Quoted, "Final California Data Privacy Regs Are Approved—and Now in Effect," The Recorder, August 17, 2020
- Co-author, "Companies Must Ensure CCPA Privacy Notices Comply with Disability Accessibility Requirements," Duane Morris Alert, June 17, 2020
- Quoted, "Lawyers React to California Attorney General's Submission for Final CCPA Regulations," The Recorder, June 3, 2020
- Quoted, "FTC May Increase Enforcement of Connected Devices After Smart Lock Company's Security Slipup," Corporate Counsel, April 7, 2020
- Co-author, "California Attorney General's Draft CCPA Regulations Continue to Evolve," Duane Morris Alert, March 17, 2020
- Co-author, "Cybersecurity Update: Protecting Student Data Critical to Continued Participation in the Federal Student Aid Programs," Duane Morris Alert, March 3, 2020
- Co-author, "California Attorney General Proposes Modified CCPA Regulations – Overview of Significant Proposed Changes," Duane Morris Alert, February 20, 2020
- Co-author, "New California Privacy Law Extends Employee Rights Within and Beyond the State," Duane Morris Alert, February 13, 2020
- Quoted, "Now That It's 2020, Companies Want Clarification on the Proposed CCPA Regulations Soon," Law.com, January 21, 2020
Quoted, "The CCPA Is Coming and So Are Data Breach Class Actions," Law.com, November 8, 2019
- Co-author, "CCPA Update: Gov. Newsom Signs Amendments into Law; Attorney General Publishes Proposed Regulations," Duane Morris Alert, October 18, 2019
Co-author, "Nevada Privacy Law Takes Effect October 1: Is Your Company Compliant?" Duane Morris Alert, September 23, 2019
Co-author, "The California Consumer Privacy Act and the Education Industry," The Daily Journal, September 11, 2019
Co-author, "Amendments to the CCPA Ready for Governor's Signature," Duane Morris Alert, September 20, 2019
Quoted, "Report: Nearly Half of Employees Are Unaware of California Consumer Privacy Act," Corporate Counsel, April 30, 2019
Quoted, "What is Personal Information? In Legal Terms, it Depends," Malwarebytes, April 11, 2019
Author, "California Consumer Privacy Act of 2018: Considerations for Higher Education Institutes," Career Education Review, August 2018
Co-author, "California Passes Nation's Strictest Data Privacy Law," Duane Morris Alert, July 9, 2018; republished in Privacy Laws & Business International, August 2018
Author, "General Data Protection Regulation (GDPR) and Career Education," Career Education Review, July 2018
Author, "GDPR Compliance May Be Necessary for U.S. Higher Education to Avoid Steep Fines," Duane Morris Alert, July 19, 2018
- Author, "Class Action Student Loan Scams-A New Take on an Old Scam," Career Education Review, October 2017
- Author, "Schools Must Adhere to Cybersecurity Regulations or Risk Losing Title IV Eligibility," Duane Morris Alerts, September 14, 2017
- Co-author, "Cybersecurity and Potential Loss of Title IV Eligibility," Career Education Review, September 2017
"How Schools Can Use IP to Fight Student Loan Scams," San Francisco Daily Journal and Los Angeles Daily Journal, April 19, 2017
- Co-author, "Student Data Protection in an Era of Education Technology Innovation," Duane Morris Alert, August 7, 2015
- Co-author, "Postsecondary Institutions Subject to the New Federal "Gainful Employment" Rule Have Until July 31, 2015, to Complete Reporting of Data to U.S. Department of Education," Duane Morris Alert, July 27, 2015
"Protecting Your School from Cybercrime and Inadvertent Data Breaches," Career Education Review, April 2015
- "Sunrise Periods for First Wave of gTLDs Are Now Open," Duane Morris Alert, December 9, 2013
- "New TCPA Rules Effective October 16, 2013," Duane Morris Alert, September 2013
- Michelle Donovan, Eric Sinrod, Jeff Redman, Share on the Inside, Protect on the Outside: Best Practices for IP Protection in the Age of Social Networking, LES Insights 2011 Dec 19
Taming the Wilde, Wilde West of Lead Generation, Career Education Review, Oct. 2010
Selected Speaking Engagements
- Speaker, "What Your Institution Needs to Know in the Rapidly Changing Privacy and Data Security Regulatory Landscape," Career Education Colleges and Universities (CECU) 2022 Career Education Convention, June 1, 2022
- Speaker, "The New FTC Data Security Requirements for Institutions of Higher Education," Duane Morris LLP, Webinar, December 15, 2021
- Speaker, "The California Employment Law Landscape Has Changed (Again!)," Association of Corporate Counsel, Webinar, November 4, 2021
- Speaker, "Everything Schools Need to Know About Protecting Records in the Cloud and Negotiating Technology Agreements," Duane Morris LLP, Webinar, June 29, 2021
- Presenter, "Understanding Virginia's Consumer Data Protection Act," Duane Morris Data Privacy and Security Landscape: Legal Developments in the United States and Beyond Webinar Series, May 25, 2021
- Presenter, "Cyber Risks: Learning from Months of Remote Work and Preparing for the Next Wave," Duane Morris COVID-19: Navigating Forward Webinar Series, February 11, 2021
- Speaker, "Understanding the CCPA 2.0: The California Privacy Rights Act," Duane Morris Webinar, December 10, 2020
- Presenter, "What to Worry About for California Contracts," Duane Morris Commercial Contracts Checkup Series, Webinar, November 19, 2020
Speaker, "Brave New (Socially Distanced) World: Privacy and Data Security Challenges for Distance Education and Update from The Department of Education on Data Security Obligations," CAPPS Annual Conference, November 12, 2020
- Presenter, "Privacy, Data Protection and Intellectual Property Considerations for EdTech Start-ups," ASU+GSU 2020 Virtual Summit, October 8, 2020
- Presenter, "Schools Not Tools," ASU+GSU 2020 Virtual Summit, September 30, 2020
- Presenter, "Telephone Consumer Protection Act: What Cannabis Companies Need to Know," Duane Morris LLP, Webinar, September 29, 2020
- Speaker, "Data Privacy: Where are We Now? Plus, CCPA Updates and Impacts," LexisNexis, Webinar, July 22, 2020
Speaker, "Washington Update: Is Your School Doing Enough to Protect Student Data?" CECU Annual Conference, June 17, 2020
- Speaker, "Bracing for the Wild Ride in Data Privacy Regulation," LexisNexis, Webinar, February 27, 2020
Speaker, "2020: A New Era of Data Privacy and Security," CAPPS 35th Annual Conference, Long Beach, California, October 10, 2019
Co-presenter, "Preparing for the CCPA: Lessons Learned from the GDPR," The California Consumer Privacy Act of 2018 Webinar Series, September 16, 2019
Presenter, "How the CCPA Impacts the Higher Education Industry," The California Consumer Privacy Act of 2018 Webinar Series, Duane Morris LLP, September 5, 2019
Presenter, "Preparing for the CCPA: Reviewing and Updating Privacy Policies and Agreements for Compliance," The California Consumer Privacy Act of 2018 Webinar Series, Duane Morris LLP, June 20, 2019
Presenter, "Understanding the New California Consumer Privacy Act: Why the CCPA Applies to You and Practical Steps You Can Take Now to Comply," The California Consumer Privacy Act of 2018 Webinar Series, Duane Morris LLP, May 23, 2019
Presenter, “E-Signed, Sealed, Delivered,” Duane Morris Commercial Contracts Checkup Series, Webinar, January 24, 2019
Presenter, "Learn to Be Legally Compliant and Outperform Your Competition in the Ever-Changing Marketing Landscape. The Latest in Misrepresentation & New Marketing Strategies that Drive Major Results for School," CAPPS 34th Annual Conference, Westin Mission Hills Golf Resort & Spa, Rancho Mirage, California, October 11, 2018
Speaker, "Legal Updates and Trends for 2018," Duane Morris and BB&T Breakfast Briefing, January 2018
Presenter, “Are You Up-to-Date on Key Provisions and Confidential Information Protections in Term Sheets, MOUs and Letter Agreements?” Duane Morris Commercial Contracts Checkup Series, Webinar, June 21, 2018
Speaker, "Legal Update: Cybersecurity for Schools" AACS 2017 Annual Conference, November 2017
- Speaker, "Leveraging the Present and Future of Social Media to Connect and Engage Future Graduates," 31st Annual Conference "Strong Student, Proud Graduates," California Association of Private Postsecondary Schools (CAPPS), October 8, 2015
- "Cybersecurity: Addressing the Risks to Schools and Student Records," APSCU webinar, May 2015
- Speaker, "Cyber Crime: Beware of Multi-Dimensional Attacks," San Francisco Treasury Symposium, May 1, 2015
- Speaker, "Cybersecurity: Managing Risks and Protecting Your Organization," 2015 Accounting & Financial Women's Alliance
- Speaker, "Cybercrime and Protecting Your Organization," 2015 Webinar co-presented with FBI Internet Crime Complaint Center (IC3)
- Speaker, "Text Talk (Compliance for Telemarketing Texts), 2014 AACS Spring Management Conference
- Speaker, "Protecting Educational Records at School and in the Cloud," 2014 AACS Legal Seminar
- Speaker, "Cybercrime and Your Legal Liabilities," 2014 Webinar
- Speaker, "New Telemarketing Consent Rules under the TCPA," AACS 2013 Annual Conference, November 2013
- Speaker, "The Business Cyber Liability Luncheon" Nov. 2013 German American Chamber of Commerce Luncheon
- Speaker, "Protecting Your Rights in a Digital Age" 2013 AACS Spring Management Conference
- Speaker, "Cyber, Privacy and Social Media Risks: How to Survive in the Digital Age" Sept. 2013 Duane Morris and BB&T Breakfast Briefing
- Speaker, "Social Media: Dancing on the Edge of a Volcano" Nov. 2012 Duane Morris and BB&T Breakfast Briefing
- Speaker, "Share on the Inside, Protect on the Outside: Best Practices for IP Protection in the Age of Social Networking" 2011 LES Annual Meeting
- Speaker, "Misrepresentation Rule and Third Party Vendors" 2011 APSCU Webinar
- Speaker, "Internet Highway Robbery: Protect Your Domain, Trademarks, & Copyrights from Cyberthieves," 2008 CCA Annual Convention
- Speaker, "Katie Bar The Door! Protecting Yourself From Privacy Problems & Internet Scoundrels," 2008 AACS Spring Management Conference
- Speaker, "Proprietary Information, Idea Ownership, and Copyrights," International Special Events Society San Diego Chapter meeting, San Diego, California, November 20, 2008