“I think we expected the large rubrics,” said Shannon Yavorsky, head of Orrick’s global cyber privacy and data innovation practice. “What I didn’t expect was the level of detail around some of the carve-outs and the broad, broad definitions that are drawn in.”