Overview

John Pavolotsky focuses his practice on data privacy, information security, and complex technology transactions. He is also co-chair of the firm's AI, Privacy & Cybersecurity group. John advises clients on privacy, security, and AI compliance, data incidents, breach response, investigations, and litigation matters. On technology transactions matters, John assists clients with technology licensing, collaboration and joint development agreements, and cloud (XaaS) services agreements, among others. In addition, John advises clients in privacy, security, and intellectual property matters in mergers and acquisitions (M&A) transactions.

John is the immediate past chair of the Intellectual Property Section of the California Lawyers Association. In addition, John has taught Technology Transactions Law at the UC Davis School of Law and Comparative Privacy Law at the Santa Clara University School of Law. John has also guest lectured on technology and privacy law topics at the University of California, Berkeley, Haas School of Business; the University of San Francisco School of Management; and Stanford University.

John is an active contributor to the Stoel Rives Global Privacy & Security Blog and to New Matter, the quarterly journal of the IP Section of the California Lawyers Association.

During his free time, John enjoys leading a local hiking club and discussing privacy, cyber, and IP topics during hikes throughout the San Francisco Bay Area.

Before joining Stoel Rives, John served most recently as associate general counsel at Roku, Inc., and group counsel at Intel Corporation.

Education

University of California, Berkeley, Walter A. Haas School of Business, M.B.A., 2010

University of California, Davis, School of Law, J.D., 2000

University of California, San Diego, B.S., Animal Physiology & Neuroscience, 1995

Admissions

California

Experience

  • Draft and negotiate agreements for complex IP transactions, strategic investments, M&A transactions, multibillion-dollar corporate purchase agreements, consortia, joint development, and other transactions.
  • Provide IP, privacy, cybersecurity, due diligence, and other support on corporate transactions.
  • Advise clients on data privacy law compliance, including general state privacy laws (CCPA, OCPA, etc.).
  • Advise clients on international data transfer, data transactions (including data processing agreements), privacy impact assessments, data subject access requests, and privacy notice and policy development.
  • Advise clients on cybersecurity risk assessments, cyber-insurance procurement, cybersecurity incident response, and investigations and litigation stemming from a cybersecurity incident.
  • Advise clients on artificial intelligence laws and regulations, preparation and negotiation of agreements involving AI technologies, and development of AI use policies.

Insights

Insights & Presentations

Publications:

  • “Utah Implements First-in-the-Nation Law Requiring Age Verification for App Store Access," Stoel Rives’ Global Privacy & Security Blog®, May 15, 2025
  • “AI Contracting: The Next Frontier,” Stoel Rives’ Global Privacy & Security Blog®, March 25, 2025
  • “The 24-Hour AI News Cycle: Keeping Up with Legal and Regulatory Developments,” Stoel Rives’ Global Privacy & Security Blog®, February 20, 2025
  • “Navigating Data Broker Privacy Compliance: Top 5 Considerations” (co-author), Stoel Rives’ Global Privacy & Security Blog®, February 18, 2025
  • “Artificial Intelligence Experts Discuss Potential Changes In 2025” (co-author), Mealey's Litigation Report, February 2025
  • “A Deeper Dive into the Proposed Modifications to the HIPAA Security Rule” (co-author), Stoel Rives’ Global Privacy & Security Blog®, January 15, 2025
  • “Data Privacy and Cybersecurity Look Ahead: First Half of 2025” (co-author), Stoel Rives’ Global Privacy & Security Blog®, January 7, 2025
  • “Just Around the Corner: The Utah Consumer Privacy Act (“UCPA”)” (co-author), Stoel Rives’ Global Privacy & Security Blog®, November 2, 2023
  • “Working with Artificial Intelligence: Privacy Pitfalls (and Opportunities),” Stoel Rives’ Global Privacy & Security Blog®, September 5, 2023
  • “A New Consumer Personal Data Protection Law in Oregon,” Stoel Rives’ Global Privacy & Security Blog®, June 29, 2023
  • “FAQ: Washington State’s ‘My Health My Data Act’” (co-author), Stoel Rives LLP legal alert, June 9, 2023
  • “A New Consumer Data Protection Bill in Oregon: A Summary of SB 619,” Stoel Rives’ Global Privacy & Security Blog®, January 23, 2023
  • “Data Privacy for IP Attorneys,” Los Angeles Daily Journal, December 6, 2022
  • “The Current State of General State Privacy Laws,” Stoel Rives’ Global Privacy & Security Blog®, October 24, 2022
  • “Intellectual Property Rights and the Russia-Ukraine War column,” New Matter, IP Section of the California Lawyers Association, 2022
  • “2022 DC Delegation Trip Report,” New Matter, IP Section of the California Lawyers Association, 2022 
  • “2021 DC Delegation Trip Report,” New Matter, IP Section of the California Lawyers Association, 2021 
  • “Data Ownership is an Evolving Concept” (co-author), San Francisco Daily Journal, March 14, 2017 
  • “Licensing Corner” column (co-author), New Matter, IP Section of State Bar of California and California Lawyers Association (2016-2020). Articles include “Licensing in the Age of Artificial Intelligence”; “The Future of Licensing: Drafting and Other Considerations”; “The Brave New World of Data Ownership and Licensing”; “The Trail Less Traveled: Evaluating the Benefits and Costs of the Implied Warranty of Non-Infringement; Soccer, Football, and the Affiliate Conundrum”; and “Covenants not to Sue, Exclusive Licenses, and Implied Licenses”
  • “IP due diligence is a critical part of any M&A transaction,” San Francisco Daily Journal, November 17, 2016 
  • “Author, Best Effort Clauses—what do buyers expect versus how do suppliers respond?” IACCM Contracting Excellence Magazine, 2015 
  • “Privacy and Data Security Provisions in Cloud Services Agreements,” Practicing Law Institute, 2014 
  • “De-Risking the Cloud,” New Matter, Vol. 39, No. 1, IP Section of State Bar of California, 2014 
  • “Privacy in the Age of Big Data,” The Business Lawyer, Vol. 69, Issue 1, Business Law Section, ABA, 2013 
  • “Demystifying Big Data,” Business Law Today, 2012 
  • “Big Data Business Models” (co-author), New Matter, Vol. 37, No. 3, IP Section of State Bar of California, 2012 
  • “Cloud SLAs: Does Your Deal Leave You Exposed?” CIO Insight, 2012 
  • “Cloud Security: Public Versus Private,” Health Data Management, 2012 
  • “Cloud Services and Information Security: The Public vs. Private Service Provider Debate, New Matter, Vol. 37, No. 1, IP Section of State Bar of California, 2012 
  • “What Your CEO Needs to Know About the Cloud,” CIO Insight, 2012

Presentations:

  • "AI Year in Review and a Brief Look Ahead to 2025," speaker, Center for Innovation, Law, and Society (CILS), February 5, 2025
  • “Privacy & Cyber Law Update,” webinar, California Lawyers Association, January 22, 2025
  • “IP Issues in International Technology Agreements,” webinar, California Lawyers Association, January 16, 2025
  • “Navigating the Evolving Landscape of Privacy Laws in the Age of eDiscovery,” panel, ASU-Arkfeld eDiscovery, Law and Technology Conference,” March 6, 2024
  • “AI / GenAI 360 — Addressing Lawyers’, Clients’ and Judges’ Concerns in this Brave New World,” panel, ASU-Arkfeld eDiscovery, Law and Technology Conference,” March 5, 2024
  • “California’s Expanded Non-Compete Ban: SB 699 / AB 1076 (effective Jan. 1, 2024) and related Trade Secrets / IP Issues,” webinar, California Lawyers Association, February 12, 2024
  • “AI and Copyright/IP/Entertainment,” panel, UC Davis School of Law, Business Law Journal Symposium: Artificial Intelligence, February 9, 2024
  • “IP Issues in M&A Transactions,” webinar, California Lawyers Association, February 8, 2024
  • “Data Privacy and Personalized Marketing Experiences,” Stanford University, August 10, 2023
  • “AI & Privacy — An Overview,” UC Berkeley CTO Program, June 22, 2023
  • Presentation on legal and management privacy trends of 2023, IAPP KnowledgeNet, Sacramento, CA, April 20, 2023
  • “Software-as-a-Service (SaaS) Escrow: A Key Component of Your Business Continuity Plan,” Practicing Law Institute webinar, March 1, 2023
  • “Cyber Security Updates,” Portland CFO Leadership Council, January 23, 2023
  • “Cyber-Insurance: The Fundamentals and a Few Advanced Topics,” California Lawyers Association webinar, January 11, 2023
  • “Privacy Basics (and a Few More Advanced Topics) for IP Attorneys,” California Lawyers Association webinar, December 12, 2022
  • “Our Journey Continues: Privacy Incident Response Operationalization and Strategies for Compliance in a GDPR World,” IAPP KnowledgeNet, Mountain View, CA, 2019
  • “Our Journey Continues: Building and Sustaining Robust Global Privacy Programs,” IAPP KnowledgeNet, Mountain View, CA, 2018 
  • “Negotiating Technology Licenses and Joint Development Agreements,” New South Wales Society for Computers and the Law, 2018 
  • “Privacy in M&A Transactions,” IAPP KnowledgeNet, Sacramento, CA, 2018 
  • “Privacy in M&A Transactions,” Privacy Lab, San Francisco, CA, 2018 
  • “Key IP Risks in the Cloud,” 40th Global IP Confex, San Francisco, CA, 2018 
  • “Negotiating the Technology License,” 42nd Annual IP Institute, State Bar of California, Newport Beach, CA, 2017 
  • “Privacy Laws in M&A Transactions,” IP Section of The State Bar of California, 2017 
  • “Big Data Analytics and the Future of Content on the Internet, 8th Annual Anti-Piracy & Content Protection Summit,” Los Angeles, CA, 2017 
  • “Global Perspective on Privacy Law,” California International Law Center, U.C. Davis School of Law, 2017 
  • “Advanced Software and IT Licensing,” ACC Annual Meeting, San Francisco, CA, 2016 
  • “Technology Licensing Boot Camp for Attorneys,” State Bar of California Annual Meeting, San Diego, CA, 2016 
  • “New Attorney Skills: Technology Licensing 101,” CYLA 2nd Annual Practical Skills Training Symposium, San Francisco, CA, 2016 
  • “Protecting Your Client’s IP,” ACC Corporate Counsel University, San Diego, CA, 2016 
  • “The Internet of Things: What’s on the Horizon for Copyright and Privacy Practitioners?” ABA-IPL Spring Meeting, Bethesda, MD, 2016 
  • “Attack of the Drones,” 40th Annual IP Institute, State Bar of California, Rancho Mirage, CA, 2015 
  • “Negotiating Data Licenses,” IP Section of The State Bar of California, 2015 
  • “New Year and New Developments: 3-D Printing, Big Data, and The Internet of Things,” IP Section of The State Bar of California, 2015 
  • “Managing the Movement of Data in the Cloud When Data is Transferred Overseas Without Your Permission,” IT Service Agreements and Licensing—Cloud, Open Source & Software, American Conference Institute, San Francisco, CA, 2014
  • “Negotiating the Supply Chain: Licensing and other Contract Issues,” IP Section of The State Bar of California, 2014 
  • “Contract Issues, Cloud Computing 2014: Key Issues and Practical Guidance,” Practicing Law Institute, San Francisco, CA, 2014 

Affiliations

Professional

  • California Lawyers Association (CLA), IP Section, Vice Chair
  • California Lawyers Association (CLA), Licensing & Technology Transactions Interest Group, IP Section, Chair, 2016–2019
  • Santa Clara University School of Law, Comparative Privacy Law, Adjunct Lecturer 2020, 2022
  • U.C. Davis School of Law, Technology Transactions, Adjunct Professor 2019

Civic

  • UC Davis School of Law Alumni Association, former Board of Directors
  • San Mateo-Foster City Education Foundation, former Board of Directors
Jump to Page