Christopher Dodson


Recent Publication:

Utah to Require Disclosure of Artificial Intelligence [Alert]

Daniel Kilburn and Chris Dodson discuss Utah's Artificial Intelligence Policy Act which will require certain disclosures regarding the use of generative AI tools.

Chris enjoys using his prior experience as a software engineer to solve clients' concerns where technology intersects with the law.

As a member of our Technology, Privacy, & Data Security practice, Chris advises clients on privacy and cybersecurity regulations, handles matters involving artificial intelligence, and negotiates technology contracts and data licenses.

A leader in the area of technology, privacy, and data security, Chris has extensive experience advising clients on federal, state, and European privacy laws, including U.S. state comprehensive privacy laws, U.S. state biometric privacy laws, the Gramm-Leach-Bliley Act, the NYDFS Cybersecurity Regulation, and FFIEC and FTC privacy and cybersecurity regimes. He is leading efforts to develop technology-based defenses in BIPA actions.

Chris works with large and small clients that use or provide technology solutions, including companies in sectors such as financial services, financial technology, health care, online retail, brick-and-mortar retail, cloud services, software as a service (SaaS), software, mobile apps, blockchain, logistics, aviation, and more.

He assists clients on a variety of transactional matters, including data processing agreements, artificial intelligence licenses, electric vehicle charging station agreements, SaaS agreements, platform as a service (PaaS) agreements, infrastructure as a service (IaaS) agreements, technology services and licensing agreements, proprietary and open source software licenses, independent contractor agreements, professional services agreements, nondisclosure agreements, online marketplace agreements, and drop shipment agreements.

In his spare time, you may find Chris engaged in pursuits such as gardening, skiing, lumberjacking, and even bull riding.



Industry Reactions to EU-U.S. Data Privacy Framework: Feedback Friday

July 14, 2023

Chris Dodson discusses the implications of the approved EU-U.S. Data Privacy Framework (DPF) in SecurityWeek.

42 Cozen O'Connor Attorneys Named Pennsylvania Super Lawyers & Rising Stars

May 24, 2023

Super Lawyers has selected 42 Cozen O'Connor attorneys to the 2023 Pennsylvania Super Lawyers and Rising Stars lists.

Cozen O'Connor Promotes 29 Attorneys to Member

March 20, 2023

Cozen O'Connor is proud to announce the promotion of 29 attorneys to member.

Technology, Privacy & Data Security Practice Launches Cyber Law Monitor Podcast

November 01, 2022

The Cyber Law Monitor podcast from Cozen O’Connor’s Technology, Privacy & Data Security practice group covers emerging trends, developments, and best practices.

Investindustrial’s Agreement to Purchase Majority Stake of Eataly S.p.A

October 17, 2022

Cozen O’Connor served as U.S. and Canadian counsel in Investindustrial’s acquisition of a majority stake in Eataly S.p.A., the global chain of upscale Italian marketplaces. A team led by M&A attorney and Italy Practice chair Christian Moretti conducted significant due diligence of more than 20 Eataly businesses in the United States and Canada, in collaboration with Deloitte Legal Italy and Studio Legale Chiomenti. For nearly two decades, Eataly has been operating high-quality Italian food markets and restaurant concepts in prestigious locations across the globe, including flagship stores in New York, Chicago, Los Angeles, Boston, Dallas, and Silicon Valley.

Cozen O’Connor Boosts its Technology, Privacy, Data Security and Emerging Growth Practices by Adding Nine Attorneys from Philadelphia Law Boutique Baer Crossey McDemus LLC

May 04, 2020

Andrew Baer, Michael Crossey, and Christopher McDemus will stretch the firm’s reach within the global technology, and emerging growth business communities.


Utah to Require Disclosure of Artificial Intelligence [Alert]

May 13, 2024

Daniel Kilburn and Chris Dodson discuss Utah's Artificial Intelligence Policy Act which will require certain disclosures regarding the use of generative AI tools.

Joint Guidelines for Secure AI Deployment [Alert]

April 25, 2024

The new cybersecurity guidance, issued jointly by agencies in the U.S., Australia, New Zealand, the U.K., and Canada, focuses on best practices for organizations that deploy third-party-developed AI.

The European Union Artificial Intelligence Act: Part One – Scope and Prohibited Systems [Cyber Law Monitor Blog]

April 23, 2024

The European Union recently enacted its new artificial intelligence regulation, the (“EU AI Act”). The new law is expected to have a substantial impact on the AI industry, including on companies outside of the EU, much as the GDPR did. Overall, the EU AU Act follows a risk-based approach...

U.S. Department of Commerce Proposes a New KYC Rule Applicable to U.S. IaaS Providers [Alert]

February 27, 2024

Robert Rubenstein and Christopher Dodson discuss the Commerce Department’s Proposed Rule that proposes a new Customer Identification Program and other requirements for U.S. providers and foreign resellers of infrastructure as a service products.

President Biden Signs Executive Order on Artificial Intelligence [Alert]

November 06, 2023

Christopher Dodson discusses President Biden's recent executive order on the safe use of artificial intelligence and how it could impact businesses.

Biden Administration’s Voluntary AI Safety Agreement [Cyber Law Monitor Blog]

October 05, 2023

The Biden administration announced that it brokered a voluntary agreement with several of the biggest technology and artificial intelligence (AI) companies. The agreement, available here, has the companies taking a number of actions intended to encourage safe, secure, and trustworthy development...

Artificial Intelligence Systems, Profiling, and the New U.S. State Privacy Laws [Cyber Law Monitor Blog]

September 21, 2023

The rapid spread of Artificial Intelligence (AI) systems in recent years has overlapped with the enactment of comprehensive privacy laws by multiple U.S. states. Aside from being generally applicable to AI systems in the same way as they are to any online service, several of the comprehensive...

EU Adopts the EU-US Data Privacy Framework [Alert]

July 11, 2023

On July 10, 2023, the EU adopted the EU-US Data Privacy Framework in response to the Schrems II decision, which struck down the EU-US Privacy Shield.

The Biden Administration’s Blueprint for an AI Bill of Rights [Cyber Law Monitor Blog]

May 15, 2023

As the use of artificial intelligence (AI) rapidly expands throughout the private sector and government, the Biden administration has published a report titled A Blueprint for an AI Bill of Rights. A summary is available at and the full...

NIST Issues New Artificial Intelligence Risk Management Framework [Cyber Law Monitor Blog]

May 02, 2023

The National Institute of Standards and Technology (NIST) recently released version 1.0 of its Artificial Intelligence Risk Management Framework. The framework is available at, and a full set of supporting documents is available at...

AI: What You Need to Know [Cyber Law Monitor Blog]

May 01, 2023

Andy Baer is joined by three of his Cozen O'Connor colleagues for a panel discussion exploring the evolving law of artificial intelligence in the U.S. and Europe, including legal risks associated with ChatGPT and other AI tools, the current state of regulation, and how providers and users of AI...

NTIA Request for Comments on AI Accountability [Alert]

April 19, 2023

The National Telecommunications and Information Administration recently issued a request for comments regarding artificial intelligence accountability.

Iowa’s New Privacy Law

April 13, 2023

With Governor Kim Reynolds signing S.F. 262 into law on March 29, 2023, Iowa became the sixth state to enact a comprehensive consumer privacy law.

Update on EU-US Personal Data Transfers [Cyber Law Monitor Blog]

November 14, 2022

Andy Baer is joined by Christopher Dodson of Cozen O'Connor to discuss EU-US personal data transfers after Schrems II, including the latest on the EU-US Data Privacy Framework. Download this episode....

SEC Proposes New Rules for Cybersecurity Incident Reporting [Alert]

March 28, 2022

In March, the SEC proposed new rules pertaining to reporting material cybersecurity incidents and their cybersecurity risk management and governance.

FFIEC Updates Guidance to Financial Institutions for Authentication and Access [Alert]

September 14, 2021

Chris Dodson and Andy Baer discuss FFIEC's updated guidance and best practices for financial institutions for information system authentication and access management controls.

Introduction to the Virginia Consumer Data Protection Act – Part II [Cyber Law Monitor Blog]

May 25, 2021

This is the second installment of our summary of the Virginia Consumer Data Protection Act (“VCDPA”). In our first post, we covered the goals of the law as well as its applicability and thresholds, what qualifies as personal data, the consumer rights created by the VCDPA, and introduced the...

Introduction to the Virginia Consumer Data Protection Act – Part I [Cyber Law Monitor Blog]

May 10, 2021

Virginia recently joined California in enacting a comprehensive data protection law intended to protect the privacy of its residents. The Virginia Consumer Data Protection Act (the “VCDPA”) is scheduled to take effect on January 1, 2023, so impacted businesses have significant lead time to...

Victims of SolarWinds Cyberattack Face Investigation Costs, Liability Issues

January 26, 2021

Andrew Baer and Christopher Dodson discuss the significant costs and potential liability issues faced by the victims of the SolarWinds Corp. cyberattack.


  • Drexel University Thomas R. Kline School of Law, J.D., 2013
  • Fordham University, B.A., 1995

Awards & Honors

 Rising Stars, Pennsylvania Super Lawyers, 2023
* This award is conferred by Super Lawyers. A description of the selection methodology can be found here. No aspect of this advertisement has been approved by the Supreme Court of New Jersey.

  • New Jersey
  • Pennsylvania