Michael Spadea, CIPP/US
Michael Spadea advises clients on a wide range of regulatory and compliance issues related to privacy and information governance, including development and implementation of global privacy programs, management of vendors and integration of privacy into emerging technology and business models. Spadea also has significant experience in managing large multijurisdictional breaches.
Prior to joining Promontory, Spadea worked at Microsoft, where he was responsible for all aspects of information governance for enterprise customers in the services division, ensuring that its information technology infrastructure was in compliance with the Safe Harbor framework between the U.S. and the EU. He also resolved enterprise-wide customer-privacy concerns and created Microsoft's first computerized privacy training specifically for engineers. Spadea served as head of privacy for Barclays Wealth in London, where he was responsible for ensuring that all the bank's operations, products and services were compliant with privacy laws in multiple jurisdictions. For the wealth division, he led the development of a privacy dashboard that provided real-time updates on the status of privacy risks, controls, incidents, audit points and related projects. He also conducted on-site privacy and banking-secrecy risk assessments and advised on the development of the bank's IT infrastructure. As global privacy counsel for Barclays Bank, he was responsible for all regulator engagement on privacy issues and helped develop an innovative privacy risk assessment and mitigation program that won the Privacy Innovation Award by the International Association of Privacy Professionals. Spadea also worked in the corporate privacy office of FleetBoston Financial, ran a law practice in Connecticut and Massachusetts and clerked with the Superior Court of Connecticut.
Spadea earned a JD from Northeastern University School of Law and a BS in criminal justice from Northeastern University.