Cynthia Rich is a senior advisor in the Washington office of Morrison & Foerster LLP. As a member of the firm's international Privacy and Data Security Practice since 2001, Ms. Rich works with clients on legal issues relating to privacy and transborder data transfers around the world. In particular, she assists clients in complying with applicable privacy laws and regulations which includes drafting global employee and customer privacy policies, preparing client risk assessments and compliance action plans, and analyzing restrictions on international data transfers and the use of e-mail and Internet in the workplace.
Ms. Rich manages the Global Privacy Alliance (GPA), a coalition comprised of a cross section of global businesses from the financial services, automobile, aerospace, consumer products, computer and computer software, communications, and electronic commerce sectors. The GPA works to encourage responsible, global privacy practices that enhance consumer trust as well as preserve the free flow of information. Ms. Rich provide regular updates on privacy developments around the world and advocates the views of the GPA in selected countries. Ms. Rich has coordinated and drafted industry comments in connection with public proceedings in Japan and Canada and on APEC-related matters.
In addition, Ms. Rich has played a leading role in the development of MoFoNotes, a unique database that helps organizations determine quickly local compliance requirements in jurisdictions around the world, spot possible compliance issues, and simplify the development of global privacy approaches. MoFoNotes also provides subscribers with an easy-to-use tool to keep up to date on the latest privacy developments and changes in the law. She also created MoFo's Privacy Library (www.mofoprivacy.com), a free online resource, providing links to privacy laws, regulations, reports, multilateral agreements, and government authorities for more than 90 countries around the world, including the United States. The Privacy Library is the most comprehensive collection of privacy laws and regulations ever assembled, the result of years of research and experience working with clients around the world.
Previously, Ms. Rich served for five years as a senior international policy advisor at the U.S. Department of Commerce, where she worked to develop the groundbreaking safe harbor privacy arrangement that allows U.S. organizations to satisfy the European Privacy Directive's adequacy requirements and ensure that their data flows to the United States are not interrupted.
Few lawyers in the world have Miriam’s breadth and understanding of privacy and data security laws, obligations, and practices. In the words of her clients, she is “extremely practical and phenomenally smart. Just about one of the best privacy advisers there is” (Chambers USA).
Co-chair of Morrison & Foerster’s preeminent Global Privacy and Data Security Group and ranked among the top in the profession by all major directories, Miriam is regularly called upon by some of the world’s largest and most complex multinational organizations to confront their most difficult U.S. and international privacy challenges. “Tremendous at helping you come up with practical solutions to real problems” (Chambers USA), she develops cutting-edge solutions for clients that marry legal compliance with business realities.
Having helped hundreds of clients respond to data security incidents, Miriam works with companies to develop comprehensive customized incident response plans, training staff, conducting extensive table top exercises, and addressing key issues with Boards of Directors and executive management.
Miriam advises organizations on the planning and execution of complex global compliance efforts, assists in the negotiation of strategic deals, and defends regulatory and litigation matters relating to privacy and data security in the United States and internationally. She serves as an arbitrator for the EU-U.S. Privacy Shield Framework Binding Arbitration Program. Miriam regularly advises on the global collection, use, and sharing of employee, customer, vendor, and consumer personal information and ediscovery and employee monitoring issues, as well as on developing data security policies and procedures and cybersecurity preparedness and response plans. She also counsels clients on cutting-edge consumer privacy issues surrounding emerging technologies such as the Internet of Things (IoT), telematics, and big data. Miriam also serves as a board member of the ADP AI & Data Ethics Committee.
As leader of the Global Privacy Alliance (GPA), Miriam encourages the rational development of privacy laws around the world and monitors privacy practices, laws, and regulations globally. On behalf of the GPA’s members, she takes an active role in anticipating upcoming privacy legislation and educating regulators on the commercial implications of proposed regulations.
Chambers USA and Chambers Global recommend Miriam in the top tier of privacy and data security lawyers worldwide, and Legal 500 US recognizes her as a leading lawyer for her “professionalism and strong international presence.” For her work in data protection and privacy, Miriam is an inaugural inductee into the 2017 Legal 500 Hall of Fame, which is comprised of outstanding U.S. lawyers who have been recommended as Legal 500 “Leading Lawyers” for the last six consecutive years. In 2016, she was named one of Financial Times’ “Top 10 Innovative Lawyers in North America” and a National Law Journal “Cybersecurity and Data Privacy Trailblazer” for her breakthrough work in this space. Miriam was previously designated an Ethisphere “Attorney Who Matters” and a BTI Client Service All-Star, and she is featured in Best Lawyers in America, 2021.