Partner Josh Stevens

“Too often, companies view proactive compliance as simply an expense, but nothing could be further from the truth. An integrated compliance strategy that drives operational decisions and customer experiences is an investment in the growth and success of your business.”

Phone: 614-939-9955
Fax: 614-939-9954

Josh focuses his practice on helping clients achieve their business goals while understanding and complying with federal and state consumer protection laws. As a former in-house counsel, Josh brings a critical client perspective to his legal practice and understands that businesses want an action plan – not just legal theory.

Josh has experience representing clients across a range of proactive and responsive matters, including developing compliance programs, obtaining required licensing, responding to consumer complaints, and negotiating with regulators to bring concerns to resolution. He has worked with many state and federal agencies, including the Federal Communications Commission (FCC), Consumer Financial Protection Bureau (CFPB), and attorney general and other consumer protection regulators in over 40 states.

Josh has substantial experience in privacy and data protection regulation, with particular focus on the Telephone Consumer Protection Act (TCPA), the E.U.’s General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other emerging privacy laws. He has advised dozens of businesses nationwide in assessing, adapting, and developing sound privacy policies and compliance programs. Josh brings additional experience with other complex regulatory federal and state regulations, including Unfair, Deceptive and Abusive Acts and Practices laws (UDAAP/UDAP), the FTC’s Telemarketing Sales Rule, and the Fair Debt Collection Practices Act (FDCPA).

He is accredited as both a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP) and a Customer Engagement Compliance Professional (CECP) through the Professional Association for Customer Engagement (PACE).

Representative Experience

  • Developed privacy policies for a global auto manufacturer and its financing division, and advised on compliance programs to proactively meet CCPA requirements.
    • Worked with a multinational group of companies to align privacy policies and practices with U.S. and GDPR requirements.
    • Engaged in privacy and data security due diligence on behalf of investor in multiple early-stage fintech and consumer services companies.
    • Counseled clients in responding to civil investigative demands, subpoenas, and consumer complaints from the CFPB, state regulators, and non-governmental agencies such as the Better Business Bureau.
    • Co-authored an amicus curiae brief to the U.S. Supreme Court on behalf of a trade association seeking significant reforms to the TCPA.
    • Developed a comprehensive debt collector due diligence program for a major advertising products manufacturer.
    • Advised a national fleet management company on FCRA-compliant reporting of driver data.
    • Worked with numerous state regulators to facilitate a client’s licensing and compliance with money transmission regulations in over forty states.
    • Conducted TCPA/TSR compliance assessments for companies in many industries including home alarm, home automation, camping, timeshare, service contracts, retail, energy, and healthcare.
    • Drafted white papers and comments to the FCC on behalf of trade associations and corporate clients.
    • Advised multinational home senior care provider in creation of new marketing program on compliance with U.S. and Canadian telemarketing regulations.

On the Blog

Compliance Now

California AG’s Additional Regulations to CCPA Take Effect

On March 15, 2021, the California Attorney General’s Office (“CAG”) announced approval by the Office of Administrative Law of the fourth set of modifications to the California Consumer Privacy Act regulations. The minor modifications accepted in the fourth proposal clarify the CCPA, although developments will continue until after implementation of the California Privacy Rights Act, which is effective on January [...]

Read More »