Faith is the Chair of the Firm’s Privacy and Data Security Practice Group and a Certified Information Privacy Professional/United States (CIPP/US).  She is a creative, dynamic, and pragmatic problem solver who loves helping clients mitigate business risk and find practical solutions to legal challenges.

Faith counsels clients on compliance with the myriad and rapidly evolving privacy laws, including state, federal, and international laws, such as BIPA, CAN-SPAM, COPPA, FCRA, FERPA, FTC ACT, GLBA, HIPAA, TCPA, the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA) , the Colorado Privacy Act (CPA), the Utah Consumer Privacy Act (UCPA), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTDPA), the Massachusetts data protection regulations (201 CMR 17), the New York SHIELD Act, and the General Data Protection Regulation (GDPR), and international data transfer mechanisms (including the “standard contractual clauses” issued by the European Commission and the international data transfer agreement and addendum issued by the UK Information Commissioner’s Office).

Faith also negotiates commercial agreements involving privacy and data security, including data processing and data sharing agreements; develops privacy and security policies and information management best practices; advises on incident and breach response; and handles privacy risk allocation and due diligence in the context of M&A and investment transactions. Faith provides guidance on regulatory matters and defended the first online behavioral advertising case brought by the Federal Trade Commission against an online network advertiser.  In addition to her privacy expertise, Faith’s transactional practice focuses on the structuring, drafting, and negotiation of agreements surrounding the development and commercialization of technology and other intellectual property assets, including acquisition, distribution, strategic alliance, software as a service, and enterprise licensing agreements, as well as EULAs and terms of use.

Faith advises clients at all stages of growth, from private small-to-medium enterprises to large publicly-traded companies, and across a broad range of industry verticals that include software and e-commerce; marketing/advertising, financial, and healthcare technology; education; professional services; clinical trials and research; digital games; life sciences; and the arts.

Prior to joining the Firm, Faith was assistant college counsel to Emerson College, providing services to the College and to its Majestic Theater, and was an associate in the Washington, D.C. office of Covington & Burling, practicing in the intellectual property, technology, and communications areas. Following law school, she clerked for the Honorable Gerald Bard Tjoflat, Circuit Judge for the US Court of Appeals (Eleventh Circuit).

Outside the Office

Faith holds a degree in vocal performance from New England Conservatory of Music and continues to perform in cabaret settings. She is passionate about exercise and vegan pastry.


Quoted: Bloomingdales’ tracking of web visitors doesn’t trigger jurisdictionMass Lawyers Weekly

European Commission Approves EU-U.S. Data Privacy Framework

Top 10 Tips for Developing a Privacy Notice

Upcoming UK and EU Data Transfer Deadlines

Quoted: ZoomInfo: Company Sold Personal Phone Numbers of EU Citizens Without Consent After Saying It Does Not Sell Personal Data; Practice Likely Violates GDPR, According to Experts, and Undermines Company’s Lawful Basis for Operating in EU, The Capitol Forum

Quoted: ZoomInfo: Personal Data Gathered Using Community Edition Sold in Recruiter Platform, According to Former Employees; Practice Would Make Company Subject to Emerging State Privacy Laws, The Capitol Forum

CCPA Compliance – Required Updates to Privacy Policies

European Commission Adopts New Standard Contractual Clauses for Data Transfers

Virginia Follows California Lead on Data Protection—With Narrower Scope

Transatlantic Data Flows Face Stormy Seas: Privacy Shield Invalidated – Standard Contractual Clauses Viable for Now

The First Step in Developing a GDPR Compliance Strategy: Assess Your EU Personal Data Flows

4 SCARY Facts about the New European Union General Data Protection Regulation

Quoted: Burger King’s Google-Triggering Ad Invites Complaints, Scrutiny, Bloomberg

6 SCARY Privacy and Data Security Facts and Recent Developments

High-Level Points Regarding the U.S. Privacy and Data Security Landscape

Data Privacy Bell Ringers: These Situations Should Ring a Bell and Prompt Discussion with Privacy Counsel

M&A Privacy and Compliance with Applicable Privacy Laws and Sharing of Customer Information

2013 Data Privacy Report

No Escape From Release Forms

Speaking Engagements

Speaker, Introduction to Privacy Law for Aging Life Care Professionals, Aging Life Care Association

Video: Privacy and Data Security Issues for Service Recipients and Service Providers

Video: Understanding the Children’s Online Privacy Protection Act

Video: The Importance of Developing an Accurate Privacy Policy

Video: Privacy in M&A Transactions

Presenter, Lunch and Learn: Data Privacy and Security, Scroobious

Presenter, 2021 Privacy & Cybersecurity Conference, Future-Proofing Privacy Compliance, Boston Bar Association

Presenter, Pragmatic Advice for Addressing the Unique Challenges Raised by The Data Protection Landscape, New England Corporate Counsel Association, Inc.

Presenter, Operationalizing Standard Contractual Clauses, Morse and Privacy Ref

Presenter, Operationalizing Emerging US Privacy Laws, Privacy+Security Academy

Presenter, Privacy Online: How to Apply the Myriad Laws to Your Client’s Business, MCLE

Presenter, Privacy Round Table, Privacy Ref Webinar

Presenter, Confronting Privacy Fears: Practical Approaches to Challenges in the U.S. and EU, Morse and Hewitsons

Presenter (Privacy and Data Security), Head into the Clouds:  What Every Lawyer Needs to Know About Purchasing – and Selling – Cloud Services, New England Corporate Counsel Association, Inc.

Presenter, Emerging Issues in M&A: Enhancing Data Privacy and Security in 2015The Knowledge Group/The Knowledge Congress Live Webcast Series

Presenter, 16th Annual Intellectual Property Law Conference, FTC Privacy Law Update, MCLE

Presenter, 15th Annual Intellectual Property Law Conference, Privacy Update, MCLE

Presenter, 14th Annual Intellectual Property Law Conference, Privacy Update, MCLE

News & Insights

2019-2023 M&A Deals Morse Women Attorneys Webinar Series M&A News: Morse Client Garvin Construction Products in Acquisition by Beacon Kevin Olson Earns IAPP Certified Information Privacy Technologist Credentials Client Alert: European Commission Approves EU-U.S. Data Privacy Framework 2022 M&A Deals Top 10 Tips for Developing a Privacy Notice Client Alert: GLBA Compliance Faith Kasparian Named Go To Privacy & Cybersecurity Lawyer by MA Lawyers Weekly Client Alert: Upcoming UK and EU Data Transfer Deadlines Client Alert: The New Data Transfer SCCs Client Alert: CCPA Compliance Client Alert: Standard Contractual Clauses Client Alert: Virginia Consumer Data Protection Act IP News: 6(b) Orders Issued Morse’s Faith D. Kasparian Named to Massachusetts Lawyers Weekly Top Women of Law for 2020 Client Alert: Privacy Shield Decision The First Step in Developing a GDPR Compliance Strategy Data Privacy Bell Ringers Elevation Launches the New Year at Morse Client Alert – Happy Halloween! Client Alert – Happy Halloween! VIDEO: Privacy and Data Security Clips WISP – Written Information Security Program High-Level Points Regarding the U.S. Privacy and Data Security Landscape M&A Privacy & Data Security Considerations: No Escape From Release Forms