Overview

Elizabeth (or Beth) Shirley's practice is focused on AI, Cybersecurity and Data Privacy, as well as Business Litigation. Her career at Burr & Forman spans more than 20 years. Beth holds a CIPP/US certification (Certified Information Privacy Professional) through the IAPP. She is also a Certified Information Privacy Manager (CIPM) through the IAPP. Further, Beth is certified as an AIGP – Artificial Intelligence Governance Professional.

Beth advises clients on data privacy law compliance; responding to and investigating data security incidents; cybersecurity compliance and risks; evaluating, monitoring, and using AI in businesses; breach notifications pursuant to applicable laws; preparation of AI, data privacy, and data security policies and procedures; electronic contracts and signatures, and related litigation. Beth also regularly litigates complex business and contractual disputes and has done so for close to 25 years.

In the Cybersecurity area, Beth advises companies throughout the full scope of managing and responding to data incidents; retaining appropriate vendors to investigate and remediate systems; reporting criminal activity to appropriate authorities; sending out notifications to customers; and managing litigation risk. She also advises on cybersecurity mechanisms and procedures to help reduce the risk of a cybersecurity incident before it happens.

In the Data Privacy area, she regularly advises on U.S. and other data privacy laws and regulations; addressing data privacy and adtech litigation; structuring websites to address appropriate consumer consents, use of consumer data, cookies, pixels, and other tracking mechanisms; and reviewing and evaluating vendor retention, contracts and relationships. Beth also assists companies in preparing and updating data privacy policies and procedures in compliance with existing laws, including website privacy policies. She is well-versed in CCPA/CPRA, other U.S. data privacy laws, GDPR, EU AI Act, etc.

In the AI area, Beth advises clients on determining whether and how to implement AI (including Generative AI) into their business operations; ensuring the appropriate analyses of the business’s needs and the AI program’s capabilities are performed; ensuring appropriate AI protections and human oversight are in place while using AI; preparing and reviewing AI policies and procedures; employee training on AI; disclosures on using AI to consumers; vendor relationships involving AI; and other areas businesses must consider when employing or considering whether to use AI.

Beth is also experienced in commercial business litigation, specifically focusing on business disputes, breach of contract, fraud, statutory violations, intentional interference, and other business tort claims. Beth has litigated in the areas of technology and software, healthcare, environmental, intellectual property, closely-held companies, financial and investment institutions, municipalities, construction, and other subject matters.

Beth has tried numerous cases in federal and state court in both jury and non-jury trials, as well as many arbitrations, throughout her career.

She is part of several of the firm’s teams and practice groups, including Cybersecurity & Data Privacy; Blockchain, Cryptocurrency, & Electronic Transactions; and Commercial Litigation.

Experience

  • Represented numerous companies in a wide variety of industries in responding to and managing cybersecurity data breaches, including variations of ransomware with payment demands ranging from six to seven figures. Industries include healthcare, financial institutions, manufacturers, service providers, entertainment, etc.
  • Represented numerous companies in preparing and reviewing privacy policies and ensuring privacy policies are effectively implemented and monitored.
  • Represented companies in drafting contracts to include provisions consistent with applicable privacy laws, such as CCPA, GDPR, FTC’s recommendations and best practices, etc.
  • Advised companies and drafted policies and procedures concerning maintenance of personal information, consumers’ and employees’ rights with regard to their personal information, incident response plans, security procedures, etc.
  • Advised companies in a wide variety of industries in complying with applicable data breach notification laws, including U.S. state, federal (GLBA, HIPAA, etc.), and international privacy laws.
  • Assisted companies with the process of sending out data breach notification letters and arranging related services such as call centers and credit monitoring.
  • Represented companies in disputes with consumers and vendors arising from data incidents.
  • Represented companies in responding to requests for personal information by consumers.
  • Represented franchisor in dispute with franchisee, which went to arbitration.
  • Represented Fortune 500 company in franchise dispute against franchisor, which went to a jury trial.
  • Represented private equity company in dispute over control, which went to arbitration hearing.
  • Represented accounting firm in accounting and breach of fiduciary disputes with former partners.
  • Represented companies in disputes with software developers over nature and quality of software, as well as full access to software functionalities.
  • Represented company against former investment banking firm and former auditing firm for fraud, malpractice, and breach of contract.
  • Represented companies in commercial collection actions.
  • Represented financial institutions in suits by consumers alleging violations of federal and state laws.
  • Represented minority ownership interests in attempted (failed) squeeze-out, which went to a bench trial.

Honors & Recognitions

  • International Association of Privacy Professionals (IAPP) Advisory Board Member (2024)
  • National Association of Women Lawyers (NAWL) Leadership Program (2023)
  • Mid-South Super Lawyers, Business Litigation since 2016
  • Listed in The Best Lawyers in America®: Commercial Litigation since 2023; Privacy and Data Security Law since 2025
  • Alabama Super Lawyers, Business Litigation (2014-2017); "Rising Star," Business Litigation (2010-2013)
  • Birmingham's Best Lawyers
  • Top Attorneys in Alabama
  • Managing Intellectual Property Magazine, IP Star Attorney

Newsroom

News

Speaking Engagements

Events

Articles

Professional & Community

Professional Activities

  • Birmingham Bar Association
  • Co-chair, KnowledgeNet Birmingham Chapter (2022)
  • Board Member, University of Alabama's Culverhouse Executive Cyber Advisory Board

Paralegal/Assistant

Legal Practice Assistant

Teresa McCollum
(205) 458-5265
tmccollum@burr.com

Burr
Jump to Page
Arrow icon Top

Contact Us

We use cookies to improve your website experience, provide additional security, and remember you when you return to the website. This website does not respond to "Do Not Track" signals. By clicking "Accept," you agree to our use of cookies. To learn more about how we use cookies, please see our Privacy Policy.

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.