Steven B. Roosa is a partner in Holland & Knight's New York office and co-chair of the Data Privacy and Security Team. He is also a fellow emeritus at the Center for Information Technology Policy (CITP) at Princeton University. His practice focuses on advising companies on a wide spectrum of technology and legal issues pertaining to privacy and data security. Representative issues include: mobile app privacy compliance; leveraging anonymity solutions to help clients safely unlock the value of large data sets; Internet tracking; web security; geo-fencing; data breach and incident response; Children's Online Privacy Protection Act (COPPA); Computer Fraud and Abuse Act (CFAA); FTC compliance; privacy considerations of modified network protocols; California best practices for websites and mobile apps; compliance with wiretap statutes and the Electronic Communications Privacy Act (ECPA); public-key infrastructure (PKI); certification authority matters pertaining to online trust; and web-based reputation and defamation issues.
Mr. Roosa's day-to-day practice includes helping companies better understand the privacy profile of their websites and mobile apps and translating that knowledge into actionable risk management options. He has helped infuse the Holland & Knight Team with a tech-focused approach in which law firm privacy counseling to clients includes:
Because privacy and security matters often relate directly to a company's industry-specific, core business model or threat landscape, Mr. Roosa actively partners with Holland & Knight's national caliber attorneys and professionals in the following areas:
In the courtroom, Mr. Roosa represents a diverse array of companies in matters relating to consumer protection, online defamation, commercial disputes, and state and federal administrative law. He also works extensively on defending putative class actions involving Flash cookies and has been instrumental in obtaining voluntary dismissals for three large clients in these recent proceedings.
Typical clients include Fortune 500 corporations, privately held companies, large retailers, technology companies and nonprofit entities.
Mr. Roosa is the co-author of "Trust Darknet: Control and Compromise in the Internet's Certificate Authority Model," appearing in the May 2013 issue of the IEEE's Internet Computing. He is also a regular contributor to Holland & Knight's Privacy Blog.
Privacy-Related Class Action Litigation Defense and Regulatory Defense: represented companies in relation to FTC inquiries, Civil Investigative Demands (CIDs), subpoenas and investigations
design and implementation of internal company policies, including information security, data and records management and retention, data classification and handling, device management and Bring Your Own Device policies, codes of conduct, white papers, marketing materials, vendor white lists and internal policies on Internet tracking
Honors & Awards
Outstanding Lawyer, Nightingale's Healthcare News, 2009 Top 40 Under 40, New Jersey Law Journal, 2008
The Most Important Issue Involving Superfish Isn’t Superfish, Holland & Knight Privacy Blog, February 26, 2015
Holland & Knight Privacy Blog, December 19, 2012
Holland & Knight Privacy Blog, November 21, 2012
Mobile Apps and Network-Aware Devices: Legal Exposure in the Collection of Data and What to Do About It, AdvaMed Webinar, November 4, 2014
Rutgers University School of Law-Camden, J.D. Cornell University, B.A.
New Jersey New York
Primary Areas of Practice: Technology Transactions
Law School/Graduate School: Columbia Law School
Partner, Technology Transactions Group of Morrison & Foerster LLP in New York Office
Co-Head of U.S. Sourcing Group of Morrison & Foerster LLP
Vivian Hanson is a partner in the Technology Transactions Group of Morrison & Foerster LLP in New York and is the co-head of the firm’s U.S. Sourcing Practice. Her practice is focused primarily on complex, large-scale outsourcing transactions, as well as domestic and cross-border transactions involving technology transfers, licensing and other intellectual property transactions. Vivian has also worked extensively on joint ventures, strategic alliances, mergers, acquisitions and general corporate matters, and is fluent in Japanese. Her experience crosses a variety of industries, including entertainment, media, information services, information technology, consumer electronics, transportation and health care. She has consistently been recognized as a leading expert in the field of technology and outsourcing by such organizations as Chambers, Legal 500, Best Lawyers and Super Lawyers.
International Association of Outsourcing Professionals (IAOP)
Ieuan G. Mahony is a partner in Holland & Knight's Boston office. He concentrates his practice in intellectual property (IP) licensing and development, data privacy and security, and information technology (IT). Mr. Mahony combines his transactional and compliance work with dispute resolution and litigation matters. His substantial background in transactional and litigation practice areas helps clients receive high-quality advice in the dynamics of reaching an agreement as well as the realities of combating an adversary. Mr. Mahony is co-chair of the firm's Data Privacy and Security Team and a member of the firm's three partner Information Technology Governance Committee.
Mr. Mahony was previously a law clerk to Chief Justice Edward F. Hennessey of the Massachusetts Supreme Judicial Court from 1988 to 1999.
The following is a sample of recent matters that Mr. Mahony has handled:
Representing an international software integrator in a transaction with a cloud service provider and a state agency concerning a state-wide cloud solution for procurement process. The representation included a detailed focus on service level agreements (SLAs) as well as data privacy
Cross-Border Data Flows
Representing an international company in an email migration project, including providing guidance for compliance with the EU Data Protection Directive, assisting with self-certification to the U.S. Safe Harbor, and overseeing and managing foreign counsel to obtain advice concerning compliance with foreign national data protection and privacy laws
Representing a client in establishing a legal model for crowdfunding of local real estate development projects. The representation includes the creation of contract structures and online agreements to foster an ecosystem of community activists, interested citizens, merchants and investors
Data Rights and Interest-Based Advertising
Representing an owner of a shopping history and loyalty card data set in development agreements designed to commercialize the data set in a privacy- compliant structure. The representation includes a significant focus on interest-based and online behavioral advertising, consent mechanisms, de-identified data and data rights
Development of Common API and Creation of App Developer Ecosystem:
Representing a leading telecommunications carrier in developing and implementing a suite of application programming interfaces (APIs) for telecommunications industry solution providers. The representation includes carrier-to-carrier proof of concept and development agreements, open source and creative commons agreements with app developers, consent structures for subscribers and related elements
IP Licensing and Development:
Drafting IP, information security and service level agreements on behalf of the awarding authority in connection with a $4.25 billion contract award concerning a commuter rail system
Litigation and Dispute Resolution
Representing a renowned hospital group in connection with a licensing dispute with an entity commercializing healthcare technology developed by hospital researchers. The dispute involved three significant patent portfolios, ongoing joint development work, claims by the licensee that it held exclusive rights to a broad category of additional hospital patents and two international pharmaceutical licensees downstream to the parties in dispute.
Responsible for IP and IT elements in the sale of an aftermarket services business to global providers of business process outsourcing for $725 million.
Responsible for IP elements of a transaction that combined institutional pharmacy businesses to create a $2 billion publicly traded company.
Open Source Software:
Representing a leading global software provider in structuring a transaction to permit open source development and interoperability with elements of its proprietary software code base.
Privacy and Information Security:
Representing an international publisher of textbooks, fiction and non-fiction books, and other content in the creation of digital, interactive platforms for the distribution of its content. The representation includes significant attention to privacy and information security issues, including advice under the Children's Online Privacy Protection Act (COPPA) and Family Educational Rights and Privacy Act (FERPA), as well as online subscription agreements and related contract mechanisms.
Records Retention and Management:
Overseeing the preparation and implementation of a records management policy and a set of procedures for a retirement fund with over $1.5 billion in assets.
Honors & Awards
The Best Lawyers in America guide, Commercial Litigation, 2003-2015
Corporate Compliance Answer Book, Records Management Chapter, Privacy and Security of Personal Information Chapter, Procuring Computing Resources: IP Licensing, Outsourcing and Cloud Computing Chapter, Practising Law Institute, 2015 Edition
E-Reserve System, Holland & Knight Alert, December 12, 2012
Advisory (Aspen Publications), August 2001
Business Crimes Bulletin (Leader Publications), December 2000
Protecting Student Data Privacy: Strategies and Best Practices in the Cloud and the Classroom, Lorman Webinar, November 5, 2014
PricewaterhouseCoopers General Counsel Forum, Waltham, Mass., March 1999
PricewaterhouseCoopers General Counsel Forum, Waltham, Mass., March 1999
Boston College Law School, J.D., summa cum laude
U.S. District Court for the District of Massachusetts
Jeremy Pomeroy, a Partner at the law firm of Pomeroy Law Group PLLC, focuses his practice in the areas of information technology, digital media, intellectual property, First Amendment and advertising law. His clients include Internet startups and established media and technology companies, among others.
Mr. Pomeroy previously worked as Vice President & Associate General Counsel at Reed Business Information, a division of Reed Elsevier, Inc. At Reed, Mr. Pomeroy spearheaded the company's expansion into China and India and provided counsel to data services and media properties, including Variety, Publishers Weekly and Interior Design magazines.
Before working at Reed, Mr. Pomeroy was the General Counsel at Dash.com, Inc., a venture-backed Internet company, where he managed all legal matters as a member of the senior management team.
Prior to Dash, Mr. Pomeroy worked at the then-leading information technology firm of Brown Raysman Millstein Felder & Steiner and at Willkie Farr & Gallagher in New York.
Mr. Pomeroy has written, counseled and presented on cutting edge legal issues relating to social media, copyrights, trademarks, blogging, licensing, software, podcasting, database protection, libel, marketing, advertising, sweepstakes, marketing, webcasting, and user-generated content, among other topics. Mr. Pomeroy has published articles on a wide variety of topics in numerous publications including the National Law Journal, New York Newsday, the Multimedia & Web Strategist, the Computer Law Strategist, and the New York University Law Review.
Mr. Pomeroy graduated from Yale College and the New York University School of Law, where he was an Articles Editor on the Law Review.
· Associate at Willkie Farr & Gallagher
· Associate at Brown Raysman Millstein Felder & Steiner
· General Counsel, Dash.com, Inc.
· VP & Associate General Counsel, Reed Business Information, a division of Reed Elsevier Inc.
Orrie Dinstein is the Global Chief Privacy Officer at March & McLennan Companies. He has global responsibility for data protection, and he works closely with the Legal & Compliance, IT and Information Security teams, as well as other functions, to establish policies, procedures, processes and tools related to privacy and data protection matters. Prior to joining Marsh & McLennan, Orrie was the Chief Privacy Officer at GE Capital.
Orrie received an LL.M. degree in intellectual property from NYU School of Law and is a graduate of the Hebrew University of Jerusalem School of Law. He is a member of the New York State Bar and the Israel Bar. He is a Certified Information Privacy Professional (CIPP) and a frequent speaker on privacy, security, technology and social media matters.
John Gliedman is an Assistant General Counsel with Conduent, a BPO provider and parent company of Buck Consultants. His primary expertise is negotiating services arrangements for digitized employee benefits delivery, and related consulting, to a wide variety of corporate users.
John Rogers is the Chief Information Security Officer (CISO) for MSCI, a leading provider of financial markets data for the investment community. In this role, John is responsible for all aspects of Information Security, Privacy, and Business Continuity / IT Disaster Recovery Planning.
Prior to joining MSCI, John spent three years at BNP Paribas, a top 10 global bank, as its CISO for the Americas region. Prior to his role at BNP Paribas, John worked in a variety of consulting firms as a cyber security expert. While his consulting experience primarily focused on clients in the financial sector, he also worked in other industries including technology, retail, higher education, and non-profit. Before joining the consulting industry, John worked as an information security specialist at Bank of America.
John holds a Bachelor of Science in Electrical Engineering from Purdue University and has held numerous certifications, including CISSP, Series 99, PCI QSA, and CRMA. John has also devoted time to helping others learn more about cyber security, demonstrated through his five years of volunteer experience as the President of the ISSA Charlotte Chapter and his participation in numerous cyber conference discussions over the years.
Patrick is in house at ViacomCBS handling a diverse range of matters across advertising, marketing, privacy, information technology, information governance, outsourcing, and cybersecurity. He has 15 years prior experience as a practicing electrical engineer and Unix systems administrator. He handles high profile transactions that involve substantial business risk on both the revenue and expense sides. Beyond legal technology, he drafts and negotiates sports marketing agreements for high profile sports properties, such as the NCAA, NFL, and SEC.
Patrick is a Certified Information Privacy Professional and is routinely involved in security incident investigations to assess whether a breach has occurred, and if so, whether there is a breach notification obligation. He negotiates outsourcing and services agreements confirm to compliance with the GDPR, CCPA, HIPAA/HITECH, state statutes, and growing foreign data localization laws. Patrick regularly attends hacker conventions like Black Hat and HOPE to keep a finger on the pulse of the dark web.
Patrick also performs pro bono legal services for the Veterans Assistance Project of the City Bar of New York, and is currently representing his second disabled veteran on a claim for additional benefits from the Veterans Administration.
Rashmi Chandra brings over two decades of experience as a technology and intellectual property transactions lawyer. In her last position she served as Executive Director and Head of the Intellectual Property/Information Technology law practice group at Aetna Inc., one of the nation’s premier provider of health care, dental, pharmacy, disability insurance. As the lead IP counsel, Rashmi played a strategic role a number of pioneering initiatives including Aetna’s launch of an Enterprise Digital Accessibility policy and a Digital Accessibility center, establishing a Patent Center of Excellence, and overseeing all legal and strategic enforcement and maintenance issues relating to the Aetna enterprise and its subsidiaries’ intellectual property assets, brand counseling, media, technology and software legal issues.
Prior to her inhouse career, Rashmi spent eight years in private practice as an IP and Technology Transactions lawyer at Kirkland & Ellis (Chicago office) specializing in technology and business process outsourcing and other IP transactions.
Rashmi has served as a faculty member with the Practising Law Institute since 2015 speaking regularly on the Legal Risks of Social Media and other IP-related topics. She recently served as a faculty member with Harappa Education in India for their course: Speaking Effectively and will be a guest lecturer at the University of Connecticut School of Law IP Clinic. Rashmi serves as President and is on the Board of Directors for the South Asian Bar Association of Connecticut.
Sofia heads up the Social Media Legal department at Citi globally and is also responsible for Privacy and Data Protection across the Operations & Technology group.
Her practice areas also include mobile applications, online and offline marketing, advertising, intellectual property and promotions.
Sofia began her in-house career with Citi in 2004. Prior to that, she was in private practice at Davis & Gilbert, LLP in New York City. Sofia received her J.D. from Boston University School of Law and her B.A. from Columbia College, Columbia University.
John Burke is a Managing Director at UBS AG. He is currently the Global Head of IT, Contracting and Shared Services Legal, a global shared services legal team within UBS that provides primary legal support across several practice areas, namely Information Technology; E-Commerce & New Media; Contracting; Intellectual Property; Offshoring & Outsourcing; Data Management & Protection; and Corporate Real Estate & Administrative Services. Prior to his current role, John held the position of UBS Group Head of IT Risk Control based in Zurich, Switzerland. In that role, he was responsible for the firm's global IT risk policies and standards, IT operational risk framework, investigations and IT risk assessment process. Before that, he served as the Chief Information Security Officer of UBS Wealth Management USA. John began his in-house legal career with UBS in 1997, focusing on technology and intellectual property. Prior to that, he was an Associate at Riker, Danzig, Scherer, Hyland & Perretti LLP in New Jersey. He received his Bachelor and Master of Engineering from Manhattan College and his Juris Doctor from Rutgers University School of Law where he was a Managing Editor of the Rutgers Law Review. He is a member of the New York, New Jersey and District of New Jersey Bars. He is also a licensed Professional Engineer in New York and New Jersey.
Paul Nolting has been a technology lawyer since the mid-1980’s and has worked in the wireless industry since 1993. He is currently Senior Legal Counsel in the commercial law group at Samsung Electronics America, where he advises the company’s mobile products business. He was previously Assistant General Counsel for Verizon Wireless and Counsel in the Princeton office of Hale and Dorr. Paul received a J.D. from the New York University School of Law and a B.A. from Columbia University and is admitted to practice in New York and New Jersey.